North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Winstar says there is no TCP/BGP vulnerability

  • From: Alexei Roudnev
  • Date: Thu Apr 22 03:17:23 2004

If they make proper anty-spoofiing filtering, no need in MD5. 


> 
> Perhaps we are all making too much of this...
> 
> It appears that Winstar feels that there is no need for MD5
> authentication of peering sessions. One of our customers has just had
> the following response from Winstar following a request to implement MD5
> on their OC3 connection to Winstar. My first suggestion is to locate
> another upstream provider (they have 3 already).
> 
> However, perhaps someone from Winstar would care to help us all
> understand what the alternative solution is to securing the session via
> MD5? I would *love* an alternative to the 5 days of work we've just gone
> through.
> 
> > -----Original Message-----
> > From: Justin Crawford - NMCW Engineer [mailto:[email protected]]
> > Sent: Tuesday, April 20, 2004 11:13 AM
> > To: xxxxxx
> > Subject: Re: *****SPAM***** MD5 implimentation on BGP
> > 
> > xxxxx,
> > 
> > Winstar does not currently run MD5 authentication with our peers.
> > 
> > Thanks
> > 
> > Justin
> > 
> > Thank you for your time and business
> > 
> > Justin Crawford
> > Winstar NMCW
> > Ph: 206-xxx.xxxx
> 
> Has anyone else run in to this with Winstar?
> 
> -- 
> Rodney Joffe
> CenterGate Research Group, LLC.
> http://www.centergate.com
> "Technology so advanced, even we don't understand it!"(SM)