I am working over BGP security. Trying to guard router itself rather than trying to find the attacker. I am placing the module to test the UPDATE message before the formation of Adj-RIB-out. So that the false / malicious information wont go beyond my router and so that my router and the next hops will be free from attack. Would like to know ur views about this approach.
In message <43895830.7000708@linsyssoft.com>, Kaustubh Atrawalkar writes:
I am working over BGP security. Trying to guard router itself rather than trying to find the attacker. I am placing the module to test the UPDATE message before the formation of Adj-RIB-out. So that the false / malicious information wont go beyond my router and so that my router and the next hops will be free from attack. Would like to know ur views about this approach.
The problem is knowing that the input information is malicious -- how can you tell? --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
participants (2)
-
Kaustubh Atrawalkar -
Steven M. Bellovin