North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Winstar says there is no TCP/BGP vulnerability

  • From: James
  • Date: Thu Apr 22 15:36:35 2004 
anti spoofing filtering won't help you with your ebgp peer if the packet
is spoofed to your peer's address and hits the peering interface. try
adding GTSM with anti-spoofing. makes it far harder..

-J


On Thu, Apr 22, 2004 at 12:14:55AM -0700, Alexei Roudnev wrote:
> 
> If they make proper anty-spoofiing filtering, no need in MD5. 
> 
> 
> > 
> > Perhaps we are all making too much of this...
> > 
> > It appears that Winstar feels that there is no need for MD5
> > authentication of peering sessions. One of our customers has just had
> > the following response from Winstar following a request to implement MD5
> > on their OC3 connection to Winstar. My first suggestion is to locate
> > another upstream provider (they have 3 already).
> > 
> > However, perhaps someone from Winstar would care to help us all
> > understand what the alternative solution is to securing the session via
> > MD5? I would *love* an alternative to the 5 days of work we've just gone
> > through.
> > 
> > > -----Original Message-----
> > > From: Justin Crawford - NMCW Engineer [mailto:[email protected]]
> > > Sent: Tuesday, April 20, 2004 11:13 AM
> > > To: xxxxxx
> > > Subject: Re: *****SPAM***** MD5 implimentation on BGP
> > > 
> > > xxxxx,
> > > 
> > > Winstar does not currently run MD5 authentication with our peers.
> > > 
> > > Thanks
> > > 
> > > Justin
> > > 
> > > Thank you for your time and business
> > > 
> > > Justin Crawford
> > > Winstar NMCW
> > > Ph: 206-xxx.xxxx
> > 
> > Has anyone else run in to this with Winstar?
> > 
> > -- 
> > Rodney Joffe
> > CenterGate Research Group, LLC.
> > http://www.centergate.com
> > "Technology so advanced, even we don't understand it!"(SM)

-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                        Network Design, Consulting, IT Outsourcing
[email protected]                  Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net