[69924] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: TCP/BGP vulnerability - easier than you think

daemon@ATHENA.MIT.EDU (Paul Jakma)
Wed Apr 21 15:21:59 2004

Date: Wed, 21 Apr 2004 20:17:09 +0100 (IST)
From: Paul Jakma <paul@clubi.ie>
To: Iljitsch van Beijnum <iljitsch@muada.com>
Cc: Daniel Roesen <dr@cluenet.de>, nanog@merit.edu
In-Reply-To: <134DCDD6-939D-11D8-90B6-000A95CD987A@muada.com>
Errors-To: owner-nanog-outgoing@merit.edu


On Wed, 21 Apr 2004, Iljitsch van Beijnum wrote:

> I'm not recommending this for "small" peers as the crypto DoS risk
> is worse than what happens when the attack is executed
> successfully.

Why would MD5 be more of a crypto DoS risk with IPSec AH headers than
with bgp tcp-md5?

regards,
-- 
Paul Jakma	paul@clubi.ie	paul@jakma.org	Key ID: 64A2FF6A
	warning: do not ever send email to spam@dishone.st
Fortune:
"Lead us in a few words of silent prayer."
-- Bill Peterson, former Houston Oiler football coach


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[69924] in North American Network Operators' Group

Re: TCP/BGP vulnerability - easier than you think

daemon@ATHENA.MIT.EDU (Paul Jakma)Wed Apr 21 15:21:59 2004

daemon@ATHENA.MIT.EDU (Paul Jakma)
Wed Apr 21 15:21:59 2004