TCP vulnerability: cancel red alert

Posted Apr 22, 2004 6:17 UTC (Thu) by MathFox (guest, #6104)
Parent article: TCP vulnerability: cancel red alert

When I am writing a networked application (I am a Software Engineer), one of the first things on my design checklist is: "What if the network connection goes down?" (Put that next to "What information will be exposed to the net?" and "How do we restrict remote administration to a trusted set of people?")
With a little care it is possible to make an application that handles loss of connectivity gracefully; this "session layer" vulnerability should not be a problem to a sanely written application.

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 13:02 UTC (Thu) by pflugstad (subscriber, #224)

That's fine for most things, but for BGP it's a problem. BGP is driven by announcements: routers announce to their peers the routes they are providing. If the TCP connection is reset, a router has to remove the announcements that peer was making to it. This could easily cause loss of connectivity for large portions of the Internet.

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 15:46 UTC (Thu) by MathFox (guest, #6104)

I'm feeling somewhat uncomfortable when reading more about BGP: It looks like the protocol is also sensitive to data insertion attacks. Would it be possible to reroute the TCP connection you attack through a man-in-the-middle router? I really need some tea now to get the bad taste out of my mouth!

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 18:03 UTC (Thu) by pflugstad (subscriber, #224)

Most BGP operators use MD5 signatures on their BGP sessions, using a shared secret between the two BGP peers. This effectively adds fairly strong authentication over the connection. It also mitigates this attack. The recent NANOG discussion covers this.
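The MD5 signatures mentioned above are the TCP MD5 Signature Option of RFC 2385: every segment carries an MD5 digest over the IP pseudo-header, the TCP header (options excluded, checksum as zero), the payload and the shared key, and the receiver discards any segment whose digest does not verify. The following is an added illustration of that computation and check, not code from this thread or from any BGP implementation; the addresses, ports, sequence numbers and key are constructed values, and `build_header`, `verify` and `demo` are helper names chosen here.

```python
import hashlib
import hmac
import socket
import struct

IPPROTO_TCP = 6
FLAG_RST = 0x04


def tcp_md5_digest(key: bytes, src_ip: str, dst_ip: str,
                   hdr: bytes, payload: bytes) -> bytes:
    """RFC 2385 digest: MD5 over pseudo-header, the 20-byte fixed TCP header
    (options excluded, checksum treated as zero), the payload and the key."""
    data_offset_words = hdr[12] >> 4              # header length incl. options
    seg_len = data_offset_words * 4 + len(payload)
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, IPPROTO_TCP, seg_len))
    hdr_zero_csum = hdr[:16] + b"\x00\x00" + hdr[18:]   # checksum field zeroed
    return hashlib.md5(pseudo + hdr_zero_csum + payload + key).digest()


def build_header(sport, dport, seq, ack, flags, window=65535, opt_bytes=20):
    """Fixed TCP header; data offset counts the 18-byte MD5 option plus 2 bytes padding."""
    offset_words = 5 + opt_bytes // 4
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       offset_words << 4, flags, window, 0, 0)


def verify(key, src_ip, dst_ip, hdr, payload, received_digest) -> bool:
    """Receiver side: recompute with the locally configured peer key and compare
    in constant time; a mismatch means the segment is dropped before TCP acts on it."""
    expected = tcp_md5_digest(key, src_ip, dst_ip, hdr, payload)
    return hmac.compare_digest(expected, received_digest)


# Constructed demo session: 192.0.2.1:179 <-> 198.51.100.2:49152, constructed key.
KEY = b"example-shared-secret"
PEER_A, PEER_B = "192.0.2.1", "198.51.100.2"


def demo():
    """Returns (genuine RST accepted, RST built without the key rejected)."""
    hdr = build_header(179, 49152, 0x11223344, 0x55667788, FLAG_RST)
    genuine = tcp_md5_digest(KEY, PEER_A, PEER_B, hdr, b"")
    # A reset built by someone who guessed addresses, ports and an in-window
    # sequence number but does not hold the key cannot produce a valid digest.
    without_key = tcp_md5_digest(b"wrong-key", PEER_A, PEER_B, hdr, b"")
    return (verify(KEY, PEER_A, PEER_B, hdr, b"", genuine),
            verify(KEY, PEER_A, PEER_B, hdr, b"", without_key))
```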
