nanog mailing list archives

Re: BGP to doom us all

From: alex () yuriev com
Date: Fri, 28 Feb 2003 22:29:04 -0500 (EST)


Indeed!  Compromised routers (generally Cisco) are routinely traded in
the underground.  However, these routers are usually compromised by
taking advantage of weak passwords, e.g. "cisco" for access and enable.  :(


RCS of your router config is your friend.
mailing of the diff between authorized config and running config every N
mintues to eng-int@network is your friend.

Not running "trust everything" configuration on your network is your friend.

Some who trade for compromised routers (one cisco is worth approximately
three to five stolen credit cards) specifically ask for routers running
BGP, and may pay a premium for this extra.


Who cares? If the other routers are configured correctly, they wont take
tainted advertisements. If they are not configured correctly, any Super
Secure BGP wont help.

Alex

Current thread:

BGP to doom us all Jim Deleskie (Feb 28)
- Re: BGP to doom us all Bruce Pinsky (Feb 28)
  - Re: BGP to doom us all batz (Feb 28)
    - Re: BGP to doom us all Rob Thomas (Feb 28)
    - Re: BGP to doom us all alex (Feb 28)
    - Re: BGP to doom us all Rob Thomas (Feb 28)
  - Re: BGP to doom us all Randy Bush (Feb 28)
  - Re: BGP to doom us all Steven M. Bellovin (Feb 28)
    - Re: BGP to doom us all batz (Feb 28)
    - RE: BGP to doom us all Barry Raveendran Greene (Feb 28)
    - Re: BGP to doom us all Steven M. Bellovin (Feb 28)
- Re: BGP to doom us all Sean Donelan (Feb 28)
  - Re: BGP to doom us all Bruce Robertson (Feb 28)
- Re: BGP to doom us all Randy Bush (Feb 28)
  - Re: BGP to doom us all batz (Feb 28)

(Thread continues...)