Home page logo

nanog logo nanog mailing list archives

RE: What Worked - What Didn't
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Mon, 17 Sep 2001 16:21:06 -0400

At 09:18 PM 9/17/2001 +0100, Alex Bligh wrote:

>--On Monday, 17 September, 2001 2:32 PM -0400 "Patrick W. Gilmore"
><patrick () ianai net> wrote:
>> Maybe I missed something?
>Only all the well documented attacks (including DoS).
>Think about sending RST to BGP port (and other random
>ports) on your routers.

I was under the impression that MD5 would not stop an RST attack. It that incorrect?

And if you filtered on source IP for all your downstreams, this would solve that problem. (Unless the attacker was a major carrier, in which case he may very well be in possession of your MD5 passphrase.)

>Alex Bligh


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]