Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BGP to doom us all

  • From: Rob Thomas
  • Date: Fri Feb 28 22:20:47 2003

Hi, NANOGers.

] However, given the recent academic popularity of attacks against routers,

Indeed!  Compromised routers (generally Cisco) are routinely traded in
the underground.  However, these routers are usually compromised by
taking advantage of weak passwords, e.g. "cisco" for access and enable.  :(

Some who trade for compromised routers (one cisco is worth approximately
three to five stolen credit cards) specifically ask for routers running
BGP, and may pay a premium for this extra.

Trade in compromised Juniper routers is rare, but it does occur.

As to what is done with these compromised routers, well, ask me at the
next NANOG.

There are many things folks can do with existing BGP configurations to
make things a bit better.  Prefix filtering, both on ingress and egress,
MD5 authentication, and ACLs for TCP 179 help.  Are they perfect?  No,
nothing is a panacea.  However, raising the bar even a little can yield
impressive results.

Thanks,
Rob.
-- 
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.