On Tue, Aug 14, 2018 at 05:28:13PM -0600, Grant Taylor via NANOG wrote:
On 08/14/2018 03:38 PM, Randy Bush wrote:
so we started to wonder if, since we started protecting our bgp sessions with md5 (in the 1990s), are there still folk trying to attack?
n00b response here
I thought using ACLs or otherwise protecting the BGP endpoint was best practice. Thus it's really hard to even try break an MD5 protected BGP session if you can't even establish the TCP connection.
Everything that I've seen or set up had an ACL to only allow the peer(s) to be able to connect to (from memory) TCP port 179.
Is there something that I've missed the boat on?
#learningOpportunity
To further harden your setup, consider using GTSM https://tools.ietf.org/html/rfc5082 Kind regards, Job