[59837] in North American Network Operators' Group
Re: Cisco vulnerability and dangerous filtering techniques
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Jul 22 17:51:12 2003
To: alex@yuriev.com
Cc: "Austad, Jay" <JAustad@temgweb.com>, nanog@merit.edu
In-Reply-To: Your message of "Tue, 22 Jul 2003 17:50:17 EDT."
<Pine.LNX.4.10.10307221745390.12930-100000@s1.yuriev.com>
From: Valdis.Kletnieks@vt.edu
Date: Tue, 22 Jul 2003 17:50:35 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_463262629P
Content-Type: text/plain; charset=us-ascii
On Tue, 22 Jul 2003 17:50:17 EDT, alex@yuriev.com said:
> How many thousands of "polls" do you think a looking glass can handle
> simultaneously? I am all for the doomsday scenarios, but lets make them a
> little bit less sci-fi, shall we? How about "it would create valid looking
> OSPF packets with garbage in them?" or "create valid looking STP packets"
Why would thousands be needed? We already *know* that the bad guys
are *well* acquainted with using P2P networks for controlling zombies. There's
no reason a few strategic queries won't provide a good first approximation, which
can then be distributed. Remember - it doesn't have to be perfect to cause a problem. ;)
And no, there's no reason they can;t create poison OSPF or STP packets.
--==_Exmh_463262629P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE/HbGqcC3lWbTT17ARApo8AJ9i10RZuqIJAaHRRYHc5ePEAGgixgCgm6QE
jafW/PrVER/M7WCzM/rajKQ=
=wdyj
-----END PGP SIGNATURE-----
--==_Exmh_463262629P--
