User: Password:
|
|
Subscribe / Log in / New account

TCP vulnerability: cancel red alert

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 13:02 UTC (Thu) by pflugstad (subscriber, #224)
In reply to: TCP vulnerability: cancel red alert by MathFox
Parent article: TCP vulnerability: cancel red alert

That's fine for most things but for BGP it's a problem. BGP is driven by announcemnts - routers announce to their peers the routes they are providing. If the TCP connection is reset a router has to remove the announcements that peer was making to it. This could easily cause loss of connectivity for large portions of the Internet.


(Log in to post comments)

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 15:46 UTC (Thu) by MathFox (guest, #6104) [Link]

I'm feeling somewhat uncomfortable when reading more about BGP: It looks like the protocol is also sensitive to data insertion attacks. Would it be possible to reroute the TCP connection you attack through a man-in-the-middle router? I really need some tea now to get the bad taste out of my mouth!

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 18:03 UTC (Thu) by pflugstad (subscriber, #224) [Link]

Most BGP operators use MD5 signatures on their BGP sessions, using a shared secret between the two BGP peers. This effectively adds fairly string authentication over the connection. It also mitigates this attack. The recent NANOG discussion covers this.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds