|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: IP economics morphed into (TCP/RST)
On Thu, 22 Apr 2004, Blaine Christian wrote: > > > > Can I use secondary IP addresses and then BGP with these addresses, this > > would be a form of "security by obscurity" but providing you can keep the > > info a secret thats surely going to do it? > > It will depend on your architecture in large part. In some cases there is > absolutely no need to route the prefixes that you use for your BGP sessions > beyond the devices doing BGP. This can reduce your exposure to MD5 related > cpu churn etc... Yes, but (1) its difficult and (2) as these are external sessions I need to ensure my peers are doing the same, as the chances are they wont and the chances are the attack comes in externally then I'm still at risk Steve
|