[69939] in North American Network Operators' Group
Re: TCP/BGP vulnerability - easier than you think
daemon@ATHENA.MIT.EDU (E.B. Dreger)
Wed Apr 21 23:11:19 2004
Date: Thu, 22 Apr 2004 03:10:38 +0000 (GMT)
From: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>
To: John Kristoff <jtk@northwestern.edu>
Cc: nanog@merit.edu
In-Reply-To: <20040421205123.7938b491.jtk@northwestern.edu>
Errors-To: owner-nanog-outgoing@merit.edu
JK> Date: Wed, 21 Apr 2004 20:51:23 -0500
JK> From: John Kristoff
JK> I would say the risk is due to implementation. If the
JK> vendor's gear vomits quicker due to a resource consumption
JK> issue in handling MD5, is this really a problem with MD5?
Theoretically MD5 and IPSec sound great. Operationally they may
not be the best answer.
JK> These issues can usually be fixed by simply improving the
JK> scaling properties of the implementation that may be required
JK> during adverse conditions.
Crypto chips' prices are declining...
Eddy
--
EverQuick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
DO NOT send mail to the following addresses :
blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net
Sending mail to spambait addresses is a great way to get blocked.
