From: Smith, Donald (no email)
Date: Tue May 04 2004 - 14:24:17 EDT
I have seen 3 pubic ally available tools that ALL work.
I have seen 2 privately tools that work.
A traffic generator can be configured to successfully tear down bgp
sessions.
Given src/dst ip and ports :
I tested with a cross platform EBGP peering with md5 using several of
the tools I could not tear down the sessions.
I tested both Cisco and juniper BGP peering after code upgrades without
md5 I could not tear down the sessions.
GCIA
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC
pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC
kill -13 111.2
> -----Original Message-----
> From: [mailto:] On
> Behalf Of Steven M. Bellovin
> Sent: Tuesday, May 04, 2004 11:54 AM
> To: Kurt Erik Lindqvist
> Cc: ;
> Subject: Re: BGP Exploit
>
>
>
>
> In message
> <>, Kurt
> Erik Lindq vist writes:
>
> >>
> >> Now that the firestorm over implementing Md5 has quieted
> down a bit,
> >> is anybody aware of whether the exploit has been used?
> Feel free to
> >> reply off list.
> >
> >Even more interesting, did anyone manage to reproduce it?
> >
>
> I don't know if it's being used; I know that reimplementations of the
> idea are out there.
>
>
> --Steve Bellovin, http://www.research.att.com/~smb
>
>
>
|
|
|