[Nlnog] [Fwd: [Fwd: [IDS-Europe] Unauthenticated BGP vulnerability - vendor independent]]

Marcel ten Berg marcel at sc-network.nl
Wed Apr 14 19:24:13 UTC 2004


-------- Original Message --------
Subject: [IDS-Europe] Unauthenticated BGP vulnerability - vendor independent
Date: Wed, 14 Apr 2004 21:12:31 +0200
From: Arrigo Triulzi <arrigo at northsea.sevenseas.org>
To: ids-europe at alchemistowl.org

Dear all,

I don't normally post vulnerability information but this one warrants
an exception.  There is a DoS, vendor independent, against
unauthenticated BGP circulating on the net.  Apparently both Cisco TAC
and Juniper know about this if asked (I no longer have Cisco TAC
access to verify this).

The current "best fix" is to enable MD5.

Hope this helps,

ids-europe mailing list
ids-europe at alchemistowl.org

Met vriendelijke groet/With kind regards,

Marcel ten Berg
Network Engineer
Scarlet Telecom B.V.

More information about the NLNOG mailing list