[86979] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: BGP Security

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Nov 27 10:47:43 2005

From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: kaustubh@linsyssoft.com
Cc: nanog@merit.edu
In-Reply-To: Your message of "Sun, 27 Nov 2005 12:24:40 +0530."
             <43895830.7000708@linsyssoft.com> 
Date: Sun, 27 Nov 2005 10:47:09 -0500
Errors-To: owner-nanog@merit.edu


In message <43895830.7000708@linsyssoft.com>, Kaustubh Atrawalkar writes:
>
>I am working over BGP security. Trying to guard router itself rather 
>than trying to find the attacker. I am placing the module to test the 
>UPDATE message before the formation of Adj-RIB-out. So that the false / 
>malicious information wont go beyond my router and so that my router and 
>the next hops will be free from attack. Would like to know ur views 
>about this approach.
>
The problem is knowing that the input information is malicious -- how 
can you tell?

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[86979] in North American Network Operators' Group

Re: BGP Security

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)Sun Nov 27 10:47:43 2005

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Nov 27 10:47:43 2005