On 19/09/2012 02:42, Robert E. Seastrom wrote:
You forgot the consequences of getting some other element of the
config wrong because you were preoccupied with the MD5 key.
I'll take simplicity every time.
One good use for MD5 is to stop people at Internet Exchanges from hijacking
old bgp
Dobbins, Roland rdobb...@arbor.net writes:
On Sep 16, 2012, at 7:05 PM, Robert E. Seastrom wrote:
An extra knob, an extra data point to be collected, managed, (and possibly
get wrong) as a proxy for are you sure? [y/N] is a huge step away from
goodness.
Given that the consequences of
Dobbins, Roland rdobb...@arbor.net writes:
On Sep 15, 2012, at 7:58 PM, Nick Hilliard wrote:
The general advice is still to use copp or acls to deprioritise unknown bgp
traffic. Gtsm can help in some situations, particularly at Ixps. Otherwise
md5 is a matter of choice. Some people like
On 14 Sep 2012, at 20:59, John Brown j...@citylinkfiber.com wrote:
I remember reading / hearing that using a BGP password could cause a DDOS
vulnerability with Cisco and other vendor devices.
The problem related to how ios handled md5 checksums. Turned out that the md5
check was calculated
On Sep 15, 2012, at 7:58 PM, Nick Hilliard wrote:
The general advice is still to use copp or acls to deprioritise unknown bgp
traffic. Gtsm can help in some situations, particularly at Ixps. Otherwise
md5 is a matter of choice. Some people like it; others don't.
Concur.
There are no
Hi Folks,
I remember reading / hearing that using a BGP password could cause a DDOS
vulnerability with Cisco and other vendor devices.
Any words of wisdom here ??
Thanks
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
/guide/gt_btsh.html
Chuck
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of John Brown
Sent: Friday, September 14, 2012 4:00 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] BGP MD5 DDOS ?
Hi Folks,
I remember reading