[69947] in North American Network Operators' Group
Re: Winstar says there is no TCP/BGP vulnerability
daemon@ATHENA.MIT.EDU (Alexei Roudnev)
Thu Apr 22 03:15:19 2004
From: "Alexei Roudnev" <alex@relcom.net>
To: "Rodney Joffe" <rjoffe@centergate.com>, "NANOG" <nanog@merit.edu>
Date: Thu, 22 Apr 2004 00:14:55 -0700
Errors-To: owner-nanog-outgoing@merit.edu
If they make proper anty-spoofiing filtering, no need in MD5.
>
> Perhaps we are all making too much of this...
>
> It appears that Winstar feels that there is no need for MD5
> authentication of peering sessions. One of our customers has just had
> the following response from Winstar following a request to implement MD5
> on their OC3 connection to Winstar. My first suggestion is to locate
> another upstream provider (they have 3 already).
>
> However, perhaps someone from Winstar would care to help us all
> understand what the alternative solution is to securing the session via
> MD5? I would *love* an alternative to the 5 days of work we've just gone
> through.
>
> > -----Original Message-----
> > From: Justin Crawford - NMCW Engineer [mailto:jcrawford@winstar.net]
> > Sent: Tuesday, April 20, 2004 11:13 AM
> > To: xxxxxx
> > Subject: Re: *****SPAM***** MD5 implimentation on BGP
> >
> > xxxxx,
> >
> > Winstar does not currently run MD5 authentication with our peers.
> >
> > Thanks
> >
> > Justin
> >
> > Thank you for your time and business
> >
> > Justin Crawford
> > Winstar NMCW
> > Ph: 206-xxx.xxxx
>
> Has anyone else run in to this with Winstar?
>
> --
> Rodney Joffe
> CenterGate Research Group, LLC.
> http://www.centergate.com
> "Technology so advanced, even we don't understand it!"(SM)
