Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] RIP & OSPF testing
From: Dug Song <dugsong () MONKEY ORG>
Date: Sat, 25 Nov 2000 16:37:23 -0500

On Sat, Nov 25, 2000 at 05:19:25PM -0000, Curt Wilson wrote:

I'm looking for information that goes beyond the usual router
exploits such as weak SNMP community names, bad choices for enable
password, bad or no egress/ingress filtering, etc. I really want to
dig into the protocol level.

i'd be extremely careful with this. perturbing the network with some
simple scans or sniffing for secrets is one thing; segmenting the
network with bad routing updates or advertisements is something else
altogether.

and in the worst case, your "tests" may have catastrophic effects well
beyond the customer's immediate network, e.g. BGP updates rippling out
across the Internet, routing arbiter or no. unless you *really*
understand what you're doing, playing with fault injection in routing
protocols on the public Internet is a Really Bad Idea.

see Craig Labovitz's recent work on routing stability for more info:

        http://research.microsoft.com/users/labovit/

-d.

---
http://www.monkey.org/~dugsong/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault