North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: BGP to doom us all
- From: alex
- Date: Fri Feb 28 22:36:11 2003
> Indeed! Compromised routers (generally Cisco) are routinely traded in
> the underground. However, these routers are usually compromised by
> taking advantage of weak passwords, e.g. "cisco" for access and enable. :(
RCS of your router config is your friend.
mailing of the diff between authorized config and running config every N
mintues to eng-int@network is your friend.
Not running "trust everything" configuration on your network is your friend.
> Some who trade for compromised routers (one cisco is worth approximately
> three to five stolen credit cards) specifically ask for routers running
> BGP, and may pay a premium for this extra.
Who cares? If the other routers are configured correctly, they wont take
tainted advertisements. If they are not configured correctly, any Super
Secure BGP wont help.