[69887] in North American Network Operators' Group
Re: TCP/BGP vulnerability - easier than you think
daemon@ATHENA.MIT.EDU (E.B. Dreger)
Wed Apr 21 06:57:01 2004
Date: Wed, 21 Apr 2004 10:56:26 +0000 (GMT)
From: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>
To: Adam Rothschild <asr+nanog@latency.net>
Cc: David Luyer <david@luyer.net>, <nanog@merit.edu>
In-Reply-To: <20040421104414.GA83652@latency.net>
Errors-To: owner-nanog-outgoing@merit.edu
ASR> Date: Wed, 21 Apr 2004 06:44:14 -0400
ASR> From: Adam Rothschild
ASR> [T]he TTL hack sounds great on paper, but isn't exactly easy
ASR> to implement when you consider that vendor J and others
ASR> can't filter based upon TTL... yet.
This is more appropriate for cisco-nsp, where it's already been
covered, but the TTL 255 hack was introduced in 12.0(22)S and
12.3(7)T if memory serves me. Pretty sparse pickings, but I
guess it's a start.
Eddy
--
EverQuick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
DO NOT send mail to the following addresses :
blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net
Sending mail to spambait addresses is a great way to get blocked.
