[59869] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Cisco vulnerability and dangerous filtering techniques

daemon@ATHENA.MIT.EDU (Scott McGrath)
Wed Jul 23 12:27:58 2003

Date: Wed, 23 Jul 2003 12:32:25 -0400
From: Scott McGrath <mcgrath@fas.harvard.edu>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.10.10307231234070.29081-100000@s1.yuriev.com>
Errors-To: owner-nanog-outgoing@merit.edu

Another argument for OSPF authentication it seems.   However we are 
still out of luck in the STP announcements
unless you configure all the neat little *guard features (bpdu,root 
etc) from Cisco et al.

On Wednesday, July 23, 2003, at 12:34 PM, alex@yuriev.com wrote:

>
>> Like I said, it's not going to be perfect, but it is better than 
>> blindly
>> spewing out evil packets.
>
> Between me and you, ospf packets or bad stp packets are a lot more 
> dangerous
> than the whack a cisco router. Just try it.
>
> Alex


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[59869] in North American Network Operators' Group

Re: Cisco vulnerability and dangerous filtering techniques

daemon@ATHENA.MIT.EDU (Scott McGrath)Wed Jul 23 12:27:58 2003

daemon@ATHENA.MIT.EDU (Scott McGrath)
Wed Jul 23 12:27:58 2003