North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: key change for TCP-MD5
--- Ross Callon <[email protected]> wrote: > Another potential attack is an attempt to insert > information > into a BGP session, such as to introduce bogus > routes, or > to even become a "man in the middle" of a BGP > session. One > issue that worries me about this is that if this > allows routing to > be compromised, then I can figure out how to make > money off > of this (and if I can think of it, someone even > nastier will probably > also think of this). Of course this would be much > more difficult to > pull off, and might require viewing packets between > routers to pull > off, but if pulled off and not quickly detected > could be unfortunate. But it's safe to say that it would be a lot easier to crack a router itself than to unobtrusively insert useful false information, or if the ISP's routers are sufficiently hardened, it would be easier to crack a customer (or peer)'s router, and use that for the injection. The same mechanisa which can detect bogus prefixes from a peer/customer can detect them from a hijacked session. The cost/benefit ratio is better for securing the routers themselves. -David David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.com __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
|