Jeff Doyle is allowed to ask questions too. ;-)

Seriously, what was the gist of the responses? Are NANOG types concerned
about routing protocol security vulnerabilities? I know that there's a
lot of academic work going on in this area. If you search on "routing
protocol security" in Google, for example, you'll come across lots of
references to academic work, IEEE papers, a DARPA-sponsored Internet
Infrastructure Protection project, etc.

There's also an IETF Working Group for this topic, the Routing Protocol
Security Requirements group or something of that sort (rpsec for short). But
I couldn't find any Internet drafts from them!? (just e-mail threads that
didn't sound any more sophisticated than the wrangles we get into here! ;-)

On a philosophical note, we have to realize that the bad guys aren't going
to do the expected things, and if they do, we will have already designed
protection for them. I heard Paul Kocher (one of the creators of SSL I think
and a security luminary) say at a recent conference, somewhat sarcastically,
that the real adversaries lack the propriety to limit themselves to tidy
attacks such as brute force, factoring, and differential cryptanalysis....
(the things we tend to protect against with huge keys, etc.)

Priscilla

Nigel Taylor wrote:
> 
> All,
>     I was doing my usual reading of the nanog mailing list and came across one
> of the more recent threads - "Routing Protocol Security".
> What I found interesting was the name of the original poster, which noted,
> Jeff Doyle!  Now, I'm sure there are quite a number of "Jeff Doyles"
> on the planet, however this name does mean a lot to those of us who have had
> the privilege of owning Routing TCP/IP.
> 
> Basically, I thought folks on the list would be interested in the question as
> it relates to the possible global effects based on current Internet routing
> policies, or lack thereof on "Private-to-Private", IXP peering or external
> peering in general.
> 
> As a side note after reading the recently presented paper (nanog0202 mtg) "ISP
> Essentials Supp" by Barry Raveendran Greene and Philip Smith,
> http://www.nanog.org/mtg-0206/ppt/barry.pdf  I must say that BGPv4, the
> protocol has made great strides in its operational enhancements.
> Possible vulnerabilities like the one noted in rfc1948, or the points raised
> by Tim Newsham's paper called "The Problem With Random Increments"
> are for the most part no longer valid/relevant possibilities.
> 
> Furthermore, with the implementation of MD5 support and the possibility of BGP
> over IPSec the future looks bright for the security of global routing. Of
> course with the growing use of mostly layer 2 peering (between IXP peers) and
> MPLS/VPNs the need to implement even greater security within
> BGP the protocol itself might become a NON-issue.
> 
> Thoughts, anyone?
> 
> Nigel
> 
> 
> > Hi,
> >
> > Can any of you cite cases where an attack has been carried out against a
> > network's routing protocol (BGP or OSPF in particular)? My apologies if this
> > question is too far off-topic, but if anyone knows of such incidents it would
> > be the members of this group.
> >
> > Jeff Doyle
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51381&t=51335