[69827] in North American Network Operators' Group


Re: TCP RST attack (the cause of all that MD5-o-rama)

daemon@ATHENA.MIT.EDU (vijay gill)
Tue Apr 20 17:39:49 2004

Date: Tue, 20 Apr 2004 21:37:52 +0000
From: vijay gill <vgill@vijaygill.com>
To: Dan Hollis <goemon@anime.net>
Cc: Crist Clark <crist.clark@globalstar.com>,
	"Patrick W.Gilmore" <patrick@ianai.net>, nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0404201405140.11695-100000@sasami.anime.net>
Errors-To: owner-nanog-outgoing@merit.edu


On Tue, Apr 20, 2004 at 02:11:02PM -0700, Dan Hollis wrote:
> 
> On Tue, 20 Apr 2004, Crist Clark wrote:
> > But it has limited effectiveness for multi-hop sessions. There is the
> > appeal of a solution that does not depend on the physical layout of the
> > BGP peers.
> 
> Does MD5 open the door to cpu DOS attacks on routers though? Eg can 
> someone craft a DOS attack to take out the CPU on a router by forcing it 
> to MD5 authenticate torrents of junk packets, using less bandwidth than 
> it would take to DOS the links themselves?

Yes it does. About 5 mbit of md5 should peg a juniper at 100% according
to my friend alex.  I have not verified this in the lab.  I suggest
you try it out.

Also, this is why the GTSM (ttl hack) was written up ;)

/vijay
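As an added illustration that is not part of vijay's message or the thread: the receive-path ordering the GTSM remark points at, with the TTL check (RFC 3682) applied before the RFC 2385 TCP MD5 verification, so that junk from a non-adjacent source is dropped at the cost of an integer compare rather than an MD5. It assumes a single-hop peer (the multi-hop limitation Crist Clark raises still applies), a constructed key and constructed TEST-NET addresses.

```python
import hashlib
import hmac
import struct

# Constructed illustration: a receive path that applies the GTSM TTL check
# (RFC 3682, the "ttl hack") before the RFC 2385 TCP MD5 verification, so
# spoofed segments from non-adjacent senders cost a compare, not an MD5.
GTSM_MIN_TTL = 255            # directly connected peer sends TTL 255; it arrives unchanged
SHARED_KEY = b"example-key"   # constructed key, not a real one


def tcp_md5_digest(src_ip, dst_ip, tcp_hdr, payload, key):
    """RFC 2385 signature: IP pseudo-header, 20-byte TCP header with the
    checksum field zeroed (options excluded), segment data, then the key."""
    seg_len = len(tcp_hdr) + len(payload)
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, 6, seg_len)
    hdr = tcp_hdr[:16] + b"\x00\x00" + tcp_hdr[18:20]
    return hashlib.md5(pseudo + hdr + payload + key).digest()


def accept_segment(ttl, src_ip, dst_ip, tcp_hdr, payload, sig, key, stats):
    """Return True if the segment passes GTSM and then MD5; stats counts the work."""
    if ttl < GTSM_MIN_TTL:                 # GTSM first: cheap, no hashing
        stats["dropped_ttl"] += 1
        return False
    stats["md5_computed"] += 1             # only adjacent-looking segments reach here
    expected = tcp_md5_digest(src_ip, dst_ip, tcp_hdr, payload, key)
    if not hmac.compare_digest(expected, sig):
        stats["dropped_md5"] += 1
        return False
    return True


def demo():
    src, dst = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])  # constructed TEST-NET-1 addresses
    # 20-byte TCP header: ports 179/40000, seq, ack, data offset 5, ACK flag, window, csum, urg
    tcp_hdr = struct.pack("!HHIIBBHHH", 179, 40000, 1, 1, 5 << 4, 0x10, 65535, 0, 0)
    payload = b"constructed BGP payload"
    stats = {"dropped_ttl": 0, "md5_computed": 0, "dropped_md5": 0}
    good_sig = tcp_md5_digest(src, dst, tcp_hdr, payload, SHARED_KEY)
    peer_ok = accept_segment(255, src, dst, tcp_hdr, payload, good_sig, SHARED_KEY, stats)
    for _ in range(1000):   # junk from a remote source: TTL decremented in transit
        accept_segment(250, src, dst, tcp_hdr, payload, b"\x00" * 16, SHARED_KEY, stats)
    # junk that arrives with TTL 255 still has to fail the signature, at MD5 cost
    accept_segment(255, src, dst, tcp_hdr, payload, b"\x00" * 16, SHARED_KEY, stats)
    return peer_ok, stats


if __name__ == "__main__":
    print(demo())  # (True, {'dropped_ttl': 1000, 'md5_computed': 2, 'dropped_md5': 1})
```

Only the two segments that pass the TTL gate pay for an MD5; the thousand remote ones never reach the hash.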


