|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: md5 for bgp tcp sessions
Eric Gauthier <[email protected]> writes: > Honestly, I completely agree with you that MD5'ing our OSPF > adjacencies isn't a great idea (I've so far stalled its roll-out). > I strongly argued against it internally. There were, however, those > in both the networking and security groups that were concerned about > the OSPF vulnerabilities that were pointed out recently and were in > favor of the MD5s as the mitigation method. passive-interface is your friend. ---rob
|