23 Jun
2005
23 Jun
'05
11:51 a.m.
Eric Gauthier <eric@roxanne.org> writes:
Honestly, I completely agree with you that MD5'ing our OSPF adjacencies isn't a great idea (I've so far stalled its roll-out). I strongly argued against it internally. There were, however, those in both the networking and security groups that were concerned about the OSPF vulnerabilities that were pointed out recently and were in favor of the MD5s as the mitigation method.
passive-interface is your friend. ---rob