User: Password:
|
|
Subscribe / Log in / New account

TCP vulnerability: cancel red alert

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 15:46 UTC (Thu) by MathFox (guest, #6104)
In reply to: TCP vulnerability: cancel red alert by pflugstad
Parent article: TCP vulnerability: cancel red alert

I'm feeling somewhat uncomfortable when reading more about BGP: It looks like the protocol is also sensitive to data insertion attacks. Would it be possible to reroute the TCP connection you attack through a man-in-the-middle router? I really need some tea now to get the bad taste out of my mouth!


(Log in to post comments)

TCP vulnerability: cancel red alert

Posted Apr 22, 2004 18:03 UTC (Thu) by pflugstad (subscriber, #224) [Link]

Most BGP operators use MD5 signatures on their BGP sessions, using a shared secret between the two BGP peers. This effectively adds fairly string authentication over the connection. It also mitigates this attack. The recent NANOG discussion covers this.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds