[10844] in bugtraq
Re: TCP MD5 option problem
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Jun 16 22:55:43 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990617023345.5960641F16@SIGABA.research.att.com>
Date: Wed, 16 Jun 1999 22:33:36 -0400
Reply-To: "Steven M. Bellovin" <smb@RESEARCH.ATT.COM>
From: "Steven M. Bellovin" <smb@RESEARCH.ATT.COM>
X-To: Craig Metz <cmetz@inner.net>
To: BUGTRAQ@NETSPACE.ORG
In message <199906141822.SAA05311@inner.net>, Craig Metz writes:
>
> The (IMO) obvious fix for this problem is to use IPsec's Authentication
> Header (AH) and to deprecate the TCP MD5 option. There are several freely
> available and viable AH implementations for BSD (including the NRL, OpenBSD,
> and KAME ones) and I believe that modern IOS has AH code in it though it's not
> currently set up for protecting routing traffic. AH covers all of the TCP
> header and options, as well as typically having a better MAC function (the RFC
> 2385 option builds a MAC by appending the key, which is possibly the weakest
> way to do it).
The RFC 2385 scheme describes a hack that was developed precisely because
IPSEC wasn't ready, and *something* was needed to protect BGP traffic.
You're absolutely right -- no one should use it for any new work.
