[164828] in North American Network Operators' Group


Re: OSPF Vulnerability - Owning the Routing Table

daemon@ATHENA.MIT.EDU (Jeff Tantsura)
Sun Aug 4 21:11:22 2013

From: Jeff Tantsura <jeff.tantsura@ericsson.com>
To: Saku Ytti <saku@ytti.fi>
Date: Mon, 5 Aug 2013 01:10:47 +0000
In-Reply-To: <20130804101200.GA6780@pob.ytti.fi>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Agree, that's why using p2p has been mentioned as BCP in networking "howto's" for at least the last 10 years.

Regards,
Jeff

On Aug 4, 2013, at 3:14 AM, "Saku Ytti" <saku@ytti.fi> wrote:

> On (2013-08-04 05:01 -0500), Jimmy Hess wrote:
>
>> I would say the risk score of the advisory is overstated.   And if you
>> think "ospf is secure" against LAN activity after any patch,  that
>> would be wishful thinking. Someone just rediscovered one of the
>> countless innumerable holes in the back of the cardboard box and tried
>> covering it with duck tape...
>
> I tend to agree. OTOH I'm not 100% sure if it's unexploitable outside LAN
> via unicast OSPF packets.
> But like you say MD5 offers some level of protection. I wish there would be
> some KDF for IGP KARP so that each LSA would actually have a unique
> not-to-be-repeated password, so even if someone gets a copy of one LSA and
> calculates out the MD5 it won't be relevant anymore.
>
> L2 is very dangerous in any platform I've tried, access to L2 and you can
> usually DoS the neighbouring router, even when optimally configured
> CoPP/Lo0 filter.
>
> --
>  ++ytti
>
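The per-LSA key derivation Saku wishes for above can be sketched in a few lines. The following is an added illustration, not code from either poster, from any router vendor, or from the OSPF RFCs: it models a "static" scheme where one shared key authenticates every packet (so a key recovered from one captured packet signs everything that follows) against a scheme where each packet's MAC key is derived from the master key, the sender's router ID and the cryptographic sequence number. The KDF construction (HMAC-SHA256 over a constructed context string), the router ID 192.0.2.1 and the LSA payload strings are all assumptions made up for the example.

```python
"""Illustrative per-packet key derivation for IGP packet authentication.

Constructed example: the shared master key is never used directly as a MAC key.
Each packet's key is derived from (master key, sender router ID, sequence number),
so a key recovered from one captured packet is useless for any other packet.
The static-key variant models the classic keyed-MD5 situation the thread discusses.
"""
import hashlib
import hmac

# Constructed placeholder key material; a real deployment provisions this securely.
MASTER_KEY = b"constructed-example-master-key"


def derive_packet_key(master_key: bytes, router_id: str, seq: int) -> bytes:
    """KDF (assumed design): HMAC-SHA256 of a context built from router ID and sequence number."""
    context = b"igp-pkt-key|" + router_id.encode() + b"|" + seq.to_bytes(4, "big")
    return hmac.new(master_key, context, hashlib.sha256).digest()


def mac_static(key: bytes, payload: bytes) -> bytes:
    """Static-key scheme: the same key authenticates every packet."""
    return hashlib.md5(payload + key).digest()


def verify_static(key: bytes, payload: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_static(key, payload), tag)


def mac_per_packet(master_key: bytes, router_id: str, seq: int, payload: bytes) -> bytes:
    """Per-packet scheme: MAC under a key that exists only for this (router, seq) pair."""
    pkt_key = derive_packet_key(master_key, router_id, seq)
    return hmac.new(pkt_key, payload, hashlib.sha256).digest()


def verify_per_packet(master_key: bytes, router_id: str, seq: int,
                      payload: bytes, tag: bytes, last_seq: int) -> bool:
    """Receiver check: drop non-increasing sequence numbers (replay), then check the MAC."""
    if seq <= last_seq:
        return False
    expected = mac_per_packet(master_key, router_id, seq, payload)
    return hmac.compare_digest(expected, tag)


def leaked_key_forges_next_packet(scheme: str) -> bool:
    """Model: the key used on packet seq=7 has been recovered from a capture; can it
    authenticate a new packet with seq=8? Returns True if the forgery verifies."""
    router_id = "192.0.2.1"  # documentation-range address, constructed
    forged = b"LSA router 192.0.2.1 link 10.0.0.0/24 metric 1"  # constructed payload
    if scheme == "static":
        # Recovering the static key from one packet yields the shared key itself.
        tag = mac_static(MASTER_KEY, forged)
        return verify_static(MASTER_KEY, forged, tag)
    # Per-packet: only packet 7's derived key is known, not the master key.
    leaked = derive_packet_key(MASTER_KEY, router_id, 7)
    tag = hmac.new(leaked, forged, hashlib.sha256).digest()
    return verify_per_packet(MASTER_KEY, router_id, 8, forged, tag, last_seq=7)


def replay_rejected() -> bool:
    """A genuine packet accepted once is refused when replayed after the receiver
    has already moved past its sequence number."""
    router_id = "192.0.2.1"
    payload = b"LSA router 192.0.2.1 link 10.0.0.0/24 metric 10"  # constructed payload
    tag = mac_per_packet(MASTER_KEY, router_id, 7, payload)
    fresh_ok = verify_per_packet(MASTER_KEY, router_id, 7, payload, tag, last_seq=6)
    replayed = verify_per_packet(MASTER_KEY, router_id, 7, payload, tag, last_seq=7)
    return fresh_ok and not replayed


if __name__ == "__main__":
    print("static key, forgery verifies:    ", leaked_key_forges_next_packet("static"))
    print("per-packet key, forgery verifies:", leaked_key_forges_next_packet("per-packet"))
    print("replay rejected:                 ", replay_rejected())
```

The point of the derived-key variant is that the value an attacker could recover from one packet is a one-way function of the master key, so it authenticates nothing beyond the packet it came from; the receiver's monotonic sequence check handles the separate replay case.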

