North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BGP Exploit

  • From: Iljitsch van Beijnum
  • Date: Thu May 13 08:20:07 2004 
On 13-mei-04, at 13:31, Mark Johnson wrote:


I think what I'm trying to ask is:



1. Does anyone know if the exploit is actually being used? and

2. I assume there is no way to identify an exploit reset from the usual

resets caused by routers hanging, ports failing, DDoS's, etc. However,
I

thought I'd ask...



This is from a couple of weeks, give or take, on an interface with 100
or so peers:



deny tcp any any eq bgp rst log-input (3714 matches)



If this is an attack I wish they were all like this. :-)