What are the different ways one might be able to inject bogus routing announcements into a network running OSPF? I'm trying to determine if there really is a need for enabling authentication on OSPF or if this is really not needed.
Suppose OSPF is running throughout a network but that all interfaces connecting to peers have been set to passive. Will a router process an OSPF packet if it's received and the destination IP address is not 224.0.0.x? So, if someone sends an OSPF packet to a physical interface on a router (or its loopback), would the router process anyway? Is it possible to for someone to build a neighbor relationship with a router in the network which are not directly connected (ala bgp nulti-hop)? Again, I'm assuming someone is trying to do this maliciously, so the attacked router won't be configured with a virtual link back to the attacking device. Any thoughts appreciated. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49952&t=49952 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]