North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Winstar says there is no TCP/BGP vulnerability
That isn't the point of my post. Whether or not you think X is a good idea, having someone technical say "we don't support X currently" does not mean a host of other things like "we think X is a bad idea" or any other nonsense like that. On Tue, Apr 20, 2004 at 08:29:34PM -0700, Michel Py wrote: > Please forgive me if I'm naive and/or ask a stupid question, but is > there any reason (besides your platform not supporting it) _not_ to MD5 > your BGP sessions? Geez, on my _home_ router all my v4 BGP sessions are > MD5ed (v6 not there yet). > > Michel. > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Joe Rhett > Sent: Tuesday, April 20, 2004 8:07 PM > To: Rodney Joffe > Cc: NANOG > Subject: Re: Winstar says there is no TCP/BGP vulnerability > > > I've left your entire message below so that one can see I've removed > nothing. Winstar has made NONE of the statements you are interpreting > from > their response. They have simply stated that they don't support it at > this > moment in time. I'll grant you that they could have answered "when" or > "why" or "what else". But they certainly didn't say anything you are > suggesting that they have said. > > <joke>Should we ever meet, I'll remember to never turn down a beer. > You might think I'm pro-prohibition or something...</joke> > > On Tue, Apr 20, 2004 at 01:44:44PM -0700, Rodney Joffe wrote: > > > > Perhaps we are all making too much of this... > > > > It appears that Winstar feels that there is no need for MD5 > > authentication of peering sessions. One of our customers has just had > > the following response from Winstar following a request to implement > MD5 > > on their OC3 connection to Winstar. My first suggestion is to locate > > another upstream provider (they have 3 already). > > > > However, perhaps someone from Winstar would care to help us all > > understand what the alternative solution is to securing the session > via > > MD5? I would *love* an alternative to the 5 days of work we've just > gone > > through. > > > > > -----Original Message----- > > > From: Justin Crawford - NMCW Engineer [mailto:[email protected]] > > > Sent: Tuesday, April 20, 2004 11:13 AM > > > To: xxxxxx > > > Subject: Re: *****SPAM***** MD5 implimentation on BGP > > > > > > xxxxx, > > > > > > Winstar does not currently run MD5 authentication with our peers. > > > > > > Thanks > > > > > > Justin > > > > > > Thank you for your time and business > > > > > > Justin Crawford > > > Winstar NMCW > > > Ph: 206-xxx.xxxx > > > > Has anyone else run in to this with Winstar? > > > > -- > > Rodney Joffe > > CenterGate Research Group, LLC. > > http://www.centergate.com > > "Technology so advanced, even we don't understand it!"(SM) > > -- > Joe Rhett Chief > Geek > [email protected] Isite Services, > Inc. -- Joe Rhett Chief Geek [email protected] Isite Services, Inc.
|