RE: Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability (fwd)
All, Xspedius (formerly e.spire/ACSI) is in the process of converting BGP connections to MD5. We have already done so with both of our transit providers and we're working on contacting customers that we do BGP with. If anyone is a customer of Xspedius and wants to convert to MD5, please email me or open a ticket with the NOC and request that it be referred to Dwayne Chin in Tier II DMC, who is working with me on this project. Otherwise, we will be contacting you directly. Regards, Diane Turley Network Engineer Xspedius Communications Co. peering@xspedius.com ---------- Forwarded message ---------- Date: Tue, 20 Apr 2004 15:30:30 -0600 From: " John Brown (CV)" <jmbrown@chagresventures.com> To: Rodney Joffe <rjoffe@centergate.com> Cc: NANOG <nanog@merit.edu> Subject: Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability Seems Xspedius aka E.SPire aka ACSI doesn't feel that MD5 is important on their BGP sessions either. Based on the ticket we filed last week, Managment does not feel its warranted to make these changes. On the other hand, SPRINT was willing and able to take MD5 session info right away. WAY TO GO SPRINT. On Tue, Apr 20, 2004 at 01:44:44PM -0700, Rodney Joffe wrote:
Perhaps we are all making too much of this...
It appears that Winstar feels that there is no need for MD5 authentication of peering sessions. One of our customers has just had the following response from Winstar following a request to implement MD5 on their OC3 connection to Winstar. My first suggestion is to locate another upstream provider (they have 3 already).
However, perhaps someone from Winstar would care to help us all understand what the alternative solution is to securing the session via MD5? I would *love* an alternative to the 5 days of work we've just gone through.
-----Original Message----- From: Justin Crawford - NMCW Engineer [mailto:jcrawford@winstar.net] Sent: Tuesday, April 20, 2004 11:13 AM To: xxxxxx Subject: Re: *****SPAM***** MD5 implimentation on BGP
xxxxx,
Winstar does not currently run MD5 authentication with our peers.
Thanks
Justin
Thank you for your time and business
Justin Crawford Winstar NMCW Ph: 206-xxx.xxxx
Has anyone else run in to this with Winstar?
-- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"(SM)
participants (1)
-
Peering