[69940] in North American Network Operators' Group
Re: tcp bgp vulnerability looking glass and route server issues.
daemon@ATHENA.MIT.EDU (Troy Davis)
Wed Apr 21 23:38:26 2004
Date: Wed, 21 Apr 2004 20:37:45 -0700
From: Troy Davis <troy@nack.net>
To: nanog@merit.edu
Cc: Lane Patterson <lpatterson@equinix.com>
In-Reply-To: <F601CBBB9ADC134D85D0D5A0A0998E56A3B118@webmail.equinix.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Apr 21, 2004 at 04:21:51PM -0700, Lane Patterson <lpatterson@equinix.com> wrote:
> While I agree that publicly open route-views routers should not allow
> display of "sho ip bgp nei" information, this is only giving away 4-tuple
> info regarding non-production BGP sessions, right? So folks could

A few cases where a non-production session source port suggests same for
production sessions, assuming the production router opened the connections:

- Reachability for a non-production session can depend on the same
  interface(s) as production session(s), so they may use sequential ports
  after an interface flap.

- When the source port is near the start of the range (i.e., 11020), other
  sessions with that router may have last reset when it reloaded.

Troy
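
The two cases above can be checked on one's own router. The following is an added example, not part of the original message: it reads the "Local host / Foreign host" lines of "show ip bgp neighbors" output and flags sessions the router opened whose source port is near the start of the ephemeral range or adjacent to another session's port. The sample text is constructed, and `range_start`, `near` and `gap` are assumed thresholds (11000 is inferred only from the 11020 figure in the message).

```python
import re

# Constructed sample shaped like the Local/Foreign host lines of IOS
# "show ip bgp neighbors" output; addresses are documentation ranges.
SAMPLE = """\
BGP neighbor is 192.0.2.1, remote AS 64501, external link
Local host: 192.0.2.2, Local port: 11020
Foreign host: 192.0.2.1, Foreign port: 179
BGP neighbor is 198.51.100.1, remote AS 64502, external link
Local host: 198.51.100.2, Local port: 11021
Foreign host: 198.51.100.1, Foreign port: 179
BGP neighbor is 203.0.113.1, remote AS 64503, external link
Local host: 203.0.113.2, Local port: 179
Foreign host: 203.0.113.1, Foreign port: 40312
BGP neighbor is 203.0.113.9, remote AS 64504, external link
Local host: 203.0.113.10, Local port: 23877
Foreign host: 203.0.113.9, Foreign port: 179
"""

PAIR = re.compile(r"Local host: (\S+), Local port: (\d+)\s+"
                  r"Foreign host: (\S+), Foreign port: (\d+)")

def audit_ports(text, range_start=11000, near=64, gap=4):
    """Return {peer: (local_port, reasons)} for guessable source ports.

    range_start, near and gap are assumed thresholds, not vendor constants.
    """
    opened = []
    for _lhost, lport, fhost, fport in PAIR.findall(text):
        # Only sessions this router actively opened have an ephemeral port.
        if int(fport) == 179 and int(lport) != 179:
            opened.append((int(lport), fhost))
    opened.sort()
    findings = {}
    for i, (port, peer) in enumerate(opened):
        reasons = []
        if 0 <= port - range_start < near:
            reasons.append("near-range-start")   # likely set at last reload
        neighbours = opened[max(i - 1, 0):i] + opened[i + 1:i + 2]
        if any(abs(port - p) <= gap for p, _ in neighbours):
            reasons.append("sequential")         # likely opened together
        if reasons:
            findings[peer] = (port, reasons)
    return findings

if __name__ == "__main__":
    for peer, (port, reasons) in audit_ports(SAMPLE).items():
        print(f"{peer}: local port {port} -> {', '.join(reasons)}")
```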