-Someone else recently wrote a paper on OSPF security features -but I can't
-recall where I saw this.
You may be thinking of my 'Securing OSPF' paper. It's at:
www.liquifried.com/securingospf.html
By no means comprehensive, but a decent why and how-to for securing ospf
with Cisco IOS and gateD.
As far as the popularity of securing interior routing protocols, I've rarely
seen it in the field.
With OSPF, clear text auth is useful in stopping misconfigurations, testing,
and other accidental factors from affecting your routing. Obviously, if an
attacker is listening on the line, this auth won't help.
MD5 is better from a security point of view, but (as always) management can
be an issue. You have to deal with key expiration and changeover as well as
key coordination across routers (same thing for clear text).
Anyhoo, it's an interesting subject I've done a decent amount of work in,
and I'd also be willing to continue the discussion with those interested.
Jason
______________________________________________
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup
Received on Mar 10 2001
Intro
