[70211] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: BGP Exploit

daemon@ATHENA.MIT.EDU (Smith, Donald)
Wed May 5 10:43:04 2004

Date: Wed, 5 May 2004 08:42:20 -0600
From: "Smith, Donald" <Donald.Smith@qwest.com>
To: "james" <hackerwacker@cybermesa.com>
Cc: <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu


%tcp-6-badauth: No MD5 digest from SRC.IP.NET.HOST(portnumber) to
DST.IP.NET.HOST(portnumber)

Donald.Smith@qwest.com GCIA
http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0xAF00EDCC
pgpFingerPrint:9CE4 227B B9B3 601F B500  D076 43F1 0767 AF00 EDCC
kill -13 111.2=20

> -----Original Message-----
> From: james [mailto:hackerwacker@cybermesa.com]=20
> Sent: Tuesday, May 04, 2004 4:41 PM
> To: Smith, Donald
> Cc: nanog@merit.edu
> Subject: Re: BGP Exploit=20
>=20
>=20
> What would a Cisco log if the IP's for the BGP sessions were=20
> attacked & MD5 was in place ? "No MD5 digest from <IP>", "=20
> Invalid MD5 digest from <IP>" or something else ? So far,=20
> grepping through my logs all I see for "MD5" are the the=20
> times I set MD5 for my BGP sessions.
>=20
> --=20
> James H. Edwards
> Routing and Security
> At the Santa Fe Office: Internet at Cyber Mesa=20
> jamesh@cybermesa.com noc@cybermesa.com
> (505) 795-7101
>=20
>=20


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[70211] in North American Network Operators' Group

RE: BGP Exploit

daemon@ATHENA.MIT.EDU (Smith, Donald)Wed May 5 10:43:04 2004

daemon@ATHENA.MIT.EDU (Smith, Donald)
Wed May 5 10:43:04 2004