[164819] in North American Network Operators' Group
Re: OSPF Vulnerability - Owning the Routing Table
daemon@ATHENA.MIT.EDU (Jimmy Hess)
Sat Aug 3 19:38:50 2013
In-Reply-To: <CAO1bj=ZZ3pQHhduj+C-BREjKo5K6dYghhvtbooKnB+JB3uJcTQ@mail.gmail.com>
Date: Sat, 3 Aug 2013 18:38:39 -0500
From: Jimmy Hess <mysidia@gmail.com>
To: Aled Morris <aledm@qix.co.uk>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 8/2/13, Aled Morris <aledm@qix.co.uk> wrote:
> Cisco published an advisory on OSPF vulnerability yesterday I think. I
> assume it's related.
OSPF is a dynamic routing protocol. It automatically discovers
neighbors on a multi-access segment claiming to be routers.
In what way could it possibly be unexpected that an attacker can pose
as a router and inject false routes, if an attacker is able to emit
multicast to the OSPF multicast address onto a LAN speaking OSPF?
That's not news to me, but fully expected.
Do the vendors /really/ have a code fix to what would seem to be an
inherent problem, if you failed to properly secure your OSPF
implementation (via MD5 authentication)?
> OSPFv3 is not vulnerable, and connections protected by MD5 are safe too,
> apparently.
>
> Aled
--
-JH
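The post's point is that OSPF will accept a Hello from anything on the segment unless the interface requires cryptographic (MD5) authentication. The following is an added example, not code from the thread or from any vendor: a small OSPFv2 header and Hello parser (RFC 2328 layout) that audits a batch of captured packets and flags Hellos that arrive with AuType 0 or 1, with a malformed AuType 2 digest, from a Router ID outside an expected neighbor set, or for an unexpected area. The packets, Router IDs and the expected neighbor set are constructed sample data; `build_hello` only produces in-memory test bytes with a zero checksum and a placeholder digest so the detector has something to parse.

```python
"""Audit OSPFv2 Hellos seen on a segment for missing cryptographic authentication
and unexpected speakers. Added example on constructed sample data (RFC 2328 layout)."""
import struct
import ipaddress

OSPF_HELLO = 1
AUTYPE_NULL, AUTYPE_SIMPLE, AUTYPE_CRYPTO = 0, 1, 2
# 24-byte OSPFv2 header: version, type, length, router id, area id, checksum, autype, auth
HEADER = struct.Struct("!BBHIIHH8s")
# 20-byte fixed part of a Hello: mask, hello interval, options, priority, dead interval, DR, BDR
HELLO_BODY = struct.Struct("!IHBBIII")


def parse_ospf(raw):
    """Return a dict describing one OSPFv2 packet, or raise ValueError if malformed."""
    if len(raw) < HEADER.size:
        raise ValueError("truncated OSPF header")
    version, ptype, length, rid, area, _csum, autype, auth = HEADER.unpack_from(raw)
    if version != 2:
        raise ValueError(f"not OSPFv2 (version {version})")
    if length < HEADER.size or length > len(raw):
        raise ValueError("bad packet length")
    pkt = {"type": ptype, "router_id": str(ipaddress.IPv4Address(rid)),
           "area": str(ipaddress.IPv4Address(area)), "autype": autype, "neighbors": []}
    if autype == AUTYPE_CRYPTO:
        # With AuType 2 the 64-bit field holds key id, digest length and a sequence number;
        # the MD5 digest itself is appended after the packet and not counted in `length`.
        _, key_id, auth_len, seq = struct.unpack("!HBBI", auth)
        pkt.update(key_id=key_id, auth_len=auth_len, crypto_seq=seq, digest=raw[length:])
    if ptype == OSPF_HELLO:
        body = raw[HEADER.size:length]
        if len(body) < HELLO_BODY.size:
            raise ValueError("truncated Hello body")
        _mask, hello_int, _opts, _prio, dead_int, _dr, _bdr = HELLO_BODY.unpack_from(body)
        pkt.update(hello_interval=hello_int, dead_interval=dead_int)
        nbrs = body[HELLO_BODY.size:]
        if len(nbrs) % 4:
            raise ValueError("neighbor list is not a multiple of 4 bytes")
        pkt["neighbors"] = [str(ipaddress.IPv4Address(n)) for (n,) in struct.iter_unpack("!I", nbrs)]
    return pkt


def audit_hellos(packets, expected_routers, expected_area="0.0.0.0"):
    """Classify each Hello on a segment; returns a list of (router_id, finding) tuples."""
    findings = []
    for raw in packets:
        try:
            pkt = parse_ospf(raw)
        except ValueError as exc:
            findings.append(("?", f"malformed: {exc}"))
            continue
        if pkt["type"] != OSPF_HELLO:
            continue
        rid = pkt["router_id"]
        if pkt["autype"] != AUTYPE_CRYPTO:
            findings.append((rid, f"hello without cryptographic authentication (AuType {pkt['autype']})"))
        elif pkt["auth_len"] != 16 or len(pkt["digest"]) != 16:
            findings.append((rid, "AuType 2 but digest length is not 16 bytes"))
        if rid not in expected_routers:
            findings.append((rid, "hello from Router ID not in expected neighbor set"))
        if pkt["area"] != expected_area:
            findings.append((rid, f"hello for unexpected area {pkt['area']}"))
    return findings


def build_hello(router_id, area="0.0.0.0", autype=AUTYPE_NULL, neighbors=(), key_id=1, seq=1):
    """Construct in-memory sample Hello bytes for testing the parser (constructed data only:
    checksum left zero, placeholder digest, never sent on a network)."""
    nbrs = b"".join(struct.pack("!I", int(ipaddress.IPv4Address(n))) for n in neighbors)
    body = HELLO_BODY.pack(int(ipaddress.IPv4Address("255.255.255.0")), 10, 0x02, 1, 40, 0, 0) + nbrs
    length = HEADER.size + len(body)
    if autype == AUTYPE_CRYPTO:
        auth = struct.pack("!HBBI", 0, key_id, 16, seq)
        digest = b"\x00" * 16  # placeholder; a real router appends MD5 over packet plus key
    else:
        auth, digest = b"\x00" * 8, b""
    hdr = HEADER.pack(2, OSPF_HELLO, length, int(ipaddress.IPv4Address(router_id)),
                      int(ipaddress.IPv4Address(area)), 0, autype, auth)
    return hdr + body + digest


# Constructed segment capture: two expected MD5-authenticated routers and one unexpected
# speaker sending null-authenticated Hellos, the situation the post describes.
SAMPLE_PACKETS = [
    build_hello("10.0.0.1", autype=AUTYPE_CRYPTO, neighbors=["10.0.0.2"]),
    build_hello("10.0.0.2", autype=AUTYPE_CRYPTO, neighbors=["10.0.0.1"]),
    build_hello("192.0.2.99", autype=AUTYPE_NULL, neighbors=["10.0.0.1", "10.0.0.2"]),
]
EXPECTED_ROUTERS = {"10.0.0.1", "10.0.0.2"}

if __name__ == "__main__":
    for rid, finding in audit_hellos(SAMPLE_PACKETS, EXPECTED_ROUTERS):
        print(f"{rid}: {finding}")
```

Run against the constructed capture, the two authenticated routers produce no findings and the third speaker is reported twice: once for AuType 0 and once for not being in the expected neighbor set. The parser deliberately does not verify checksums or digests; it is a triage filter for what is on the wire, and the real control remains requiring message-digest authentication on every OSPF-speaking interface, as the post says.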