Re: BGP security in practice
I didn't say that MD5 would solve the configuration problems, but that the fact that just mis-configuration errors can cause lots of damage should clue people into the fact that the protocol has vulnerabilities to deliberate attack.
Every protocol is vulnerable if the principals are mis-configured (i.e. do not follow the protocol). The protocol for crossing a busy street at the light involves checking for the green light before crossing the street. A mis-configured principal checks the light, ignores red or yellow, and immediately crosses. Does it mean that the protocol is broken or does it mean that a principal is broken?
Alex
P.S. In this specific case I am strictly looking at "misconfiguration causes problems" implies brokenness of the protocol.
Yes, but... A protocol in which principal A's misconfiguration can seriously harm principal B is more broken than one in which it cannot. That's why the protocol for crossing a busy street includes "In addition to the light status, look for actual moving vehicles." That way, you don't get run over by someone else's misconfiguration. Time for a new metaphor, methinks.
- Eric Anderson
Thus spake alex@yuriev.com (alex@yuriev.com):
Every protocol is vulnerable if the principals are mis-configured (i.e. do not follow the protocol).
The protocol for crossing a busy street at the light involves checking for the green light before crossing the street. A mis-configured principal checks the light, ignores red or yellow, and immediately crosses. Does it mean that the protocol is broken or does it mean that a principal is broken?
P.S. In this specific case I am strictly looking at "misconfiguration causes problems" implies brokenness of the protocol.
participants (3): alex@yuriev.com, Eric Anderson, Vadim Antonov