[69891] in North American Network Operators' Group
Re: Winstar says there is no TCP/BGP vulnerability
daemon@ATHENA.MIT.EDU (Pekka Savola)
Wed Apr 21 07:28:17 2004
Date: Wed, 21 Apr 2004 14:23:38 +0300 (EEST)
From: Pekka Savola <pekkas@netcore.fi>
To: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>
Cc: Dan Hollis <goemon@anime.net>,
Rodney Joffe <rjoffe@centergate.com>, NANOG <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.44.0404211048230.13204-100000@a.mx.ict1.everquick.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 21 Apr 2004, E.B. Dreger wrote:
> DH> Date: Wed, 21 Apr 2004 02:01:56 -0700 (PDT)
> DH> From: Dan Hollis
>
> DH> Wouldnt anti-spoofing filters largely eliminate the need for
> DH> all this panic about MD5?
>
> But that doesn't push the short-term cost onto other networks.
Not sure what you're saying. You don't need to deploy anti-spoofing
filters everywhere. It needs to be done by those parties which are
the ones setting up MD5 passwords. No more than that. (See my thread
"Alternatives to MD5" for more.)
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
