|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: key change for TCP-MD5
> > Another potential attack is an attempt to insert information > into a BGP session, such as to introduce bogus routes, or to > even become a "man in the middle" of a BGP session. One issue > that worries me about this is that if this allows routing to > be compromised, then I can figure out how to make money off > of this (and if I can think of it, someone even nastier will > probably also think of this). Of course this would be much > more difficult to pull off, and might require viewing packets > between routers to pull off, but if pulled off and not > quickly detected could be unfortunate. > > Ross This one is hard to pull off. I think the general conclusion a couple years ago in the study that Sean Convery and Matt Franz did was that it was less work to try to own the router or buy your own AS ;) Bora
|