[53158] in North American Network Operators' Group
Re: BGP security in practice
daemon@ATHENA.MIT.EDU (alex@yuriev.com)
Mon Nov 4 13:12:44 2002
Date: Mon, 4 Nov 2002 13:18:14 -0500 (EST)
From: alex@yuriev.com
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
> I didn't say that MD5 would solve the configuration problems, but
> that the fact that just mis-configuration errors can cause lots of
> damage should clue people into the fact that the protocol has
> vulnerabilities to deliberate attack.
Every protocol is vulnerable if the principals are mis-configured (i.e. do not
follow the protocol).
The protocol for crossing a busy street at the light involves checking for
the green light before crossing the street. A mis-configured principal checks
the light, ignores red or yellow, and immediately crosses. Does it mean that
the protocol is broken or does it mean that a principal is broken?
Alex
P.S. In this specific case I am strictly looking at "misconfiguration causes
problems" implies brokenness of the protocol.
