18 Sep
2001
18 Sep
'01
6:17 p.m.
Roeland Meyer wrote:
Why, IGP shouldn't even be visible from outside the border, neh? Internal issues are, internal issues. If it leaks, plug the leak.
It may be possible for for an attacker to send updates either from the outside or perhaps more effectively from inside via a compromised host. In addition to authentication mechanisms, anti-spoofing/sanity filters could also help. Disabling the reception/advertisement of updates from certain physical interfaces entirely that don't need them may also be helpful. John