Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BGP Exploit

  • From: Danny McPherson
  • Date: Wed May 12 17:53:30 2004


On May 12, 2004, at 2:41 PM, Mark Johnson wrote:

What if sessions were attacked without MD5 in place. We would just see
session resets. As these happen anyway frequently at peering points is there
any straightforward way to determine if the vulnerability caused the reset?
Depends on why it happens frequently.  If it happens because
you've got Network/Transport Layer or underlying connection problems
then there's some other brokenness you should probably be more
concerned with.

If you're referring to session resets because of a peer or user
action then something akin to "Last reset due to FOO" can likely
be gleaned from "show bgp neighbor" output, especially since BGP
performs "graceful shutdown" via notification messages under normal
conditions

I.e., you should probably be very concerned with any session
reset for which no valid explanation is available via CLI or
other means.

-danny






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.