Re: Athenticatioin on OSPF

Fri, 14 Jul 2000 16:05:35 -0700 

>Edgar,
>
>You are right but do you know if any one use it in real life practise?
>Thanks again.
>
>Henry


There are two kinds of OSPF authentication, cleartext and MD5, and 
there are real-world applications for both.

Cleartext authentication doesn't protect against the most trivial 
attacks, since any sniffer function defeats it.  I find it to be 
useful, however, in situations such as merging two separately defined 
OSPF networks.  As each router is configured, I establish the new 
cleartext password.  That ensures that only reconfigured routers will 
talk to one another.

MD5 authentication is appropriate when there are hostile threats to 
the routing system.  I wouldn't dream, for example, of implementing 
an educational network without it.

Remember that both kinds of authentication protect the integrity of 
the routing system against accidental or deliberate denial of 
service.  They do not authenticate user traffic.

OSPFv6, incidentally, does not have authentication, because it 
assumes its routing information will run over IPv6 packets with 
header authentication as a standard.

>""Feliz, Edgar"" <[EMAIL PROTECTED]> wrote in message
>A1951EBFDB75D31188E200805F6FEE719126E1@SNYC1NT02">news:A1951EBFDB75D31188E200805F6FEE719126E1@SNYC1NT02...
>  > Would it hurt to know it?
>  >
>  > -----Original Message-----
>  > From: justier [mailto:[EMAIL PROTECTED]]
>  > Sent: Friday, July 14, 2000 11:17 AM
>  > To: [EMAIL PROTECTED]
>  > Subject: Athenticatioin on OSPF
>  >
>  >
>  > Hi, all
>  >
>  > Does anyone know if BSCN would cover the athentication on OSPF or not?
>  > Thanks in advance.
>  >
>  > Henry
>  >
>___________________________________
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to