On Tue, Aug 13, 2002 at 01:55:50PM -0700, senthil ayyasamy wrote:
Can any of you cite cases where an attack has been carried out against a network's routing protocol (BGP or OSPF in particular)?
I heard people talking about a Dos (not DDos) attack from your neighbor peer router that overflows your routing table with too much data. I am not aware of any DDos on routing packets(?).There are chances for man-in-the-attacks between BGP sessions. The question is how much the crypto- based security mechanisms like MD5 helps prevent routing vulnerabilities. But, I guess misconfiguration can also be considered as a reason behind many vulnerabilities.
Senthil, Hi there.. Agreed, I think there are two major classifications you can lump things under; exploitation of a weak router / misconfiguration to manipulate a legitimate speaker's advertisements, OR a 3rd party box somehow manipulating a routing protocol between other devices. (Using something like nemesis, etc..) While tools like nemesis and other scripts are out there, and perfectly capable of forging/manipulating routing protocol packets, how common is this? Of the problems folks have run into, are they more often the result of a legitimate speaker being compromised & playing with advertisements somehow (and getting through filters that may or may not be present), or from devices actually spoofing their way into the IGP/EGP? Are there any specific attacks anyone is aware of & can share? ..Dylan -- , Dylan Greene , + Juniper Networks + + +1 617/407-6254 + ` dylan@juniper.net '