nanog mailing list archives
Re: attacks on MPLS?
From: Charles Wyble <charles () thewybles com>
Date: Thu, 09 Apr 2009 10:14:39 -0700
Well if we pull apart the article a bit.... Quote 1)Network infrastructure security has been in the limelight lately, with researchers uncovering big vulnerabilities in the Domain Name System (DNS), the Border Gateway Protocol (BGP), TCP, and in Cisco routers.
Wasn't aware of any big vulns in BGP (are they referring to the defcon talk that rehashed ages old bgp trust exploitation?). Cisco vulns (I realize cisco released several patches recently but not aware of any signifcant vulns).
Quote 2)own set of switches and management infrastructures, and their own set of surrounding technologies," he says, "and the average attacker could not get his hands on that equipment."
Hmmmm. Really? http://www.gns3-labs.com/2009/01/23/mpls-vpn-and-traffic-engineering/ + torrent the appropriate IOS images. That seems like it would be enough to build a lab environment for exploit development.
Seems like the article is a lot of fear mongering. Steven M. Bellovin wrote:
http://www.darkreading.com/securityservices/services/data/showArticle.jhtml?articleID=216403220 --Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- attacks on MPLS? Steven M. Bellovin (Apr 09)
- Re: attacks on MPLS? Christopher Morrow (Apr 09)
- Re: attacks on MPLS? Florian Weimer (Apr 10)
- Re: attacks on MPLS? Charles Wyble (Apr 09)
- Re: attacks on MPLS? Wayne E. Bouchard (Apr 09)
- Re: attacks on MPLS? Charles Wyble (Apr 09)
- Re: attacks on MPLS? Christopher Morrow (Apr 09)
- Re: attacks on MPLS? Micheal Patterson (Apr 09)
- Re: attacks on MPLS? Wayne E. Bouchard (Apr 09)
- Re: attacks on MPLS? Hector Herrera (Apr 09)
- Re: attacks on MPLS? Christian Koch (Apr 09)
- Re: attacks on MPLS? Christian Koch (Apr 09)
- Re: attacks on MPLS? Truman Boyes (Apr 10)
- Re: attacks on MPLS? Christian Koch (Apr 09)
- Re: attacks on MPLS? Nicolas FISCHBACH (Apr 10)
- Re: attacks on MPLS? Christopher Morrow (Apr 09)