14 Aug
2002
14 Aug
'02
1:23 p.m.
What are the best current practices ISPs use to maintain routing protocol security? 1. None - May be acceptable in some environments 2. I don't tell anyone about my routing protocols 3. Firewalls protect me 4. Don't exchange routing information with external parties 5. Explicit routing neighbor assocations - passive-interface default 6. Address validation on all edge devices 7. Signed routing messages - MD5 or something else 8. Non-routed routing infrastructure - RFC1918 for core 9. Non-IP routing protocols - ISIS 10. Out-of-band route servers - SS7 here we come