Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: key change for TCP-MD5

  • From: Bora Akyol
  • Date: Fri Jun 23 16:36:43 2006

 

> -----Original Message-----
> From: Barry Greene (bgreene) [mailto:bgreene@cisco.com] 
> Sent: Friday, June 23, 2006 11:50 AM
> To: Bora Akyol; Ross Callon; nanog@merit.edu
> Subject: RE: key change for TCP-MD5
> 
>  
> 
> > If DOS is such a large concern, IPSEC to an extent can be used to 
> > mitigate against it. And IKEv1/v2 with IPSEC is not the horribly 
> > inefficient mechanism it is made out to be. In practice, it 
> is quite 
> > easy to use.
> 
> IPSEC does nothing to protect a network device from a DOS 
> attack. You know that.
> 

Barry

The validity of your statement depends tremendously on how IPSEC is
implemented.

Bora





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.