Re: protecting operational networks

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: protecting operational networks

From: Ran Atkinson
Date: Mon Sep 15 12:00:08 1997

On Sep 13 16:44, Sean M. Doran wrote:

% Then, some protection for routing protocols to make them
% both more robust and more secure, and life is a bit nicer.

IMHO, any serious network operator using OSPF or BGP should
have already deployed the techniques below (as applicable):
	OSPF with Keyed MD5 Authentication
	BGP-4 with the Keyed MD5 Authentication extension
		as a TCP option.

WRT ISIS, lack of a CLNP infrastructure limits the ability of
outsiders to attack a network.  Nonetheless, ISIS should probably
also get some kind of cryptographic authentication extension.

Ran
rja@home.net

Follow-Ups:
- Re: protecting operational networks Vadim Antonov

References:
- Re: not rewriting next-hop, pointing default, ... Alex.Bligh
- Re: not rewriting next-hop, pointing default, ... Sean M. Doran

Prev by Date: RE: ATM (was Re: too many routes)
Next by Date: set next-hop based on source/dest port?
Date Index
Thread Index
Author Index
Historical