North American Network Operators Group

Re: tcp bgp vulnerability looking glass and route server issues.

  • From: Troy Davis
  • Date: Wed Apr 21 23:40:03 2004

On Wed, Apr 21, 2004 at 04:21:51PM -0700, Lane Patterson <[email protected]> wrote:

> While I agree that publicly open route-views routers should not allow
> display of "sho ip bgp nei" information, this is only giving away 4-tuple
> info regarding non-production BGP sessions, right?  So folks could 

A few cases where a non-production session source port suggests same for
production sessions, assuming the production router opened the connections:

 - Reachability for a non-production session can depend on the same
interface(s) as production session(s), so they may use sequential ports
after an interface flap.

 - When the source port is near the start of the range (i.e., 11020), other
sessions with that router may have last reset when it reloaded.

Troy
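
An added example, not part of the original message: a small audit an operator could run over their own router's BGP session table to find production sessions whose source port falls into either of the two cases above. The sequential allocation model, the range start of 11000, both window sizes and every address and port in the sample are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumptions, not from the post: range start and both window sizes.
EPHEMERAL_START = 11000   # first port the router hands out after a reload
NEAR_START = 64           # how close to the start counts as "near"
NEIGHBOUR_WINDOW = 8      # how close two ports must be to count as sequential

@dataclass(frozen=True)
class Session:
    peer: str
    local_port: int
    remote_port: int
    public: bool          # shown by a looking glass or route server

    @property
    def active_open(self) -> bool:
        # The router opened the connection: peer listens on 179, we do not.
        return self.remote_port == 179 and self.local_port != 179

def near_start(port: int) -> bool:
    return 0 <= port - EPHEMERAL_START < NEAR_START

def audit(sessions):
    """Map each non-public peer to the reasons its source port is inferable."""
    exposed = [s for s in sessions if s.public and s.active_open]
    findings = {}
    for s in sessions:
        if s.public or not s.active_open:
            continue      # passive opens use local port 179, nothing to infer here
        reasons = [f"within {NEIGHBOUR_WINDOW} ports of public session {e.peer}"
                   for e in exposed
                   if abs(s.local_port - e.local_port) <= NEIGHBOUR_WINDOW]
        if near_start(s.local_port) and any(near_start(e.local_port) for e in exposed):
            reasons.append("near start of range, like a public session (reload)")
        if reasons:
            findings[s.peer] = reasons
    return findings

# Constructed sample table (documentation addresses, invented ports).
SAMPLE = [
    Session("192.0.2.10", 11020, 179, public=True),     # route-views style peer
    Session("198.51.100.1", 11022, 179, public=False),  # opened right after it
    Session("198.51.100.2", 11041, 179, public=False),  # same reload, later
    Session("198.51.100.3", 179, 40211, public=False),  # peer opened this one
    Session("198.51.100.4", 23877, 179, public=False),  # long-lived, unrelated
]

if __name__ == "__main__":
    for peer, reasons in audit(SAMPLE).items():
        print(peer, "->", "; ".join(reasons))
```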