North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: TCP/BGP vulnerability - easier than you think

  • From: E.B. Dreger
  • Date: Wed Apr 21 12:39:47 2004

IvB> Date: Wed, 21 Apr 2004 15:09:15 +0200
IvB> From: Iljitsch van Beijnum


IvB> [T]he filters I listed in my earlier message simply filter
IvB> RSTs to/from the BGP port without looking at the address
IvB> fields [...] the BGP hold timer takes care of business here
IvB> anyway [...]

Interesting thought.  Smells like IRC.

Still leaves SYNs to be addressed, at least in theory.  Has
anyone tried hitting * with an in-window SYN to know if this is
indeed an issue?


Eddy
--
EverQuick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
          DO NOT send mail to the following addresses :
  [email protected] -or- [email protected] -or- [email protected]
Sending mail to spambait addresses is a great way to get blocked.