John Fraizer author of MRLG one of the looking glass implementations has updated his code to fix a flaw that provided too much information. MRLG-4.3.0 is available at: Available here: ftp://ftp.enterzone.net/looking-glass/CURRENT/
Some route servers also provide too much info. This audit was performed yesterday so if you have already fixed this issue please ignore:-) Part of this issue is the fact that some router servers provide too much information. Without knowing the source/destination ports and IP's this is still a difficult vulnerability to exploit. >From this URL I did a quick audit. http://www.traceroute.org/#Route%20Servers I did NOT look at the looking glass URLs just the route servers. This is the list of open route servers I did a quick audit on. No connection means I was unable to connect to it. Not misconfigured meant sho ip bgp nei did NOT work. Sho ip bgp nei gives full ports/ips means what you think it means. You have may want to see if any of them are yours of if you peer / are the upstream for any of them. "Route Servers" "telnet://ner-routes.bbnplanet.net"; BBN Planet NER route monitor No connection "telnet://route-server.belwue.de"; BelWue (AS553) Sho ip bgp nei gives full ports/ips. "telnet://route-views.on.bb.telus.com";>Telus - East Coast (AS852) Sho ip bgp nei gives full ports/ips. telnet://route-views.ab.bb.telus.com"; Telus - West Coast (AS852) Sho ip bgp nei gives full ports/ips. "telnet://route-server.cerf.net";>CerfNet Route Server (AS1838)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.ip.tiscali.net";>Tiscali (AS3257)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.gblx.net";>Global Crossing (AS3549)</A></LI> Not misconfigured:-) "telnet://route-server.savvis.net/";>SAVVIS Communications (AS3561)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://public-route-server.is.co.za"; TARGET=NEW>Internet Solutions (AS3741)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server-ap.exodus.net";>Exodus Communications Asia (AS4197)</A></LI> No connection "telnet://route-server.as5388.net";>Planet Online (AS5388)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.opentransit.net";>Opentransit (AS5511)</A></LI> Not misconfigured:-) "telnet://tpr-route-server.saix.net";>South African Internet eXchange SAIX (AS5713)</A></LI> Not misconfigure:-) "telnet://route-server.gt.ca";>GT Group Telecom (AS6539)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.as6667.net";>EUNet Finland (AS6667)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.he.net";>Hurricane Electric (AS6939)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.ip.att.net";>AT&T (AS7018)</A></LI> No connection "telnet://route-views.optus.net.au";>Optus Route Server Australia (AS7474)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.wcg.net";>Wiltel (AS7911)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.colt.net";>Colt Internet (AS8220)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server-eu.exodus.net";>Exodus Communications Europe (AS8709)</A></LI> No connection "telnet://route-views.bmcag.net";>Broadnet mediascape communications AG (AS9132)</A></LI> Not misconfigured:-) "telnet://route-server-au.exodus.net";>Exodus Communications Australia (AS9328)</A></LI> No connection "telnet://route-server.manilaix.net.ph";>Manila Internet Exchange, Philippines (AS9670)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.east.attcanada.com";>ATT Canada - East (AS15290)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.west.attcanada.com";>ATT Canada - West (AS15290)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.ip.ndsoftware.net";>NDSoftware (AS25358)</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://route-server.loudpacket.net";>Loud Packet (AS27276)</A></LI> No connection. "telnet://route-server.as28747.net/";>RealROOT (AS28747)</A></LI> No connection "telnet://route-views.oregon-ix.net";>Oregon-ix.net Route Server</A></LI> Sho ip bgp nei appears it WOULD provide full ports/ips if they had any? The command executed but came back empty!!?? This one can be used as a proxy bounce (connect ip port) too:-( "telnet://route-server.utah.rep.net";>Utah Regional Exchange Point Route Server</A></LI> Sho ip bgp nei gives full ports/ips. "telnet://www.netlantis.org";>The NetLantis Project Route Server</A></LI> Not misconfigured. http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC Increased trust is received by not violating the trust you have received.
