On Tuesday, March 12, 2002, at 03:23 , Ratul Mahajan wrote:
Perhaps the attacks on core routers aren't bad enough to justify such a drastic step yet. I get conflicting signals from engineers still working. Some say they see attacks all the time, others say they've never seen one on their core routers.
On the downside -- this is yet another instance of conflict between research and operations. Being able to address the (core) routers directly is an important capability researchers use for tasks like topology discovery and path/routing characterization. Of course, if researchers can talk to the routers, so can the attackers .....
Just because routing protocols use addressing or protocols which are not globally routable doesn't mean that core routers can't be addressed directly. IS-IS neighbours use NSAP addressing and OSI transport to exchange routing information, for example, but traceroute still works. Joe