nanog mailing list archives
Winstar says there is no TCP/BGP vulnerability
From: Rodney Joffe <rjoffe () centergate com>
Date: Tue, 20 Apr 2004 13:44:44 -0700
Perhaps we are all making too much of this... It appears that Winstar feels that there is no need for MD5 authentication of peering sessions. One of our customers has just had the following response from Winstar following a request to implement MD5 on their OC3 connection to Winstar. My first suggestion is to locate another upstream provider (they have 3 already). However, perhaps someone from Winstar would care to help us all understand what the alternative solution is to securing the session via MD5? I would *love* an alternative to the 5 days of work we've just gone through.
-----Original Message----- From: Justin Crawford - NMCW Engineer [mailto:jcrawford () winstar net] Sent: Tuesday, April 20, 2004 11:13 AM To: xxxxxx Subject: Re: *****SPAM***** MD5 implimentation on BGP xxxxx, Winstar does not currently run MD5 authentication with our peers. Thanks Justin Thank you for your time and business Justin Crawford Winstar NMCW Ph: 206-xxx.xxxx
Has anyone else run in to this with Winstar? -- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"(SM)
Current thread:
- Winstar says there is no TCP/BGP vulnerability Rodney Joffe (Apr 20)
- Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability John Brown (CV) (Apr 20)
- Re: Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability Andy Dills (Apr 20)
- Re: Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability Richard A Steenbergen (Apr 20)
- Re: Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability Charles Sprickman (Apr 21)
- Re: Winstar says there is no TCP/BGP vulnerability Joe Rhett (Apr 20)
- Re: Winstar says there is no TCP/BGP vulnerability Rodney Joffe (Apr 20)
- Re: Winstar says there is no TCP/BGP vulnerability Dan Hollis (Apr 21)
- Re: Winstar says there is no TCP/BGP vulnerability James (Apr 21)
- Re: Winstar says there is no TCP/BGP vulnerability E.B. Dreger (Apr 21)
- Re: Winstar says there is no TCP/BGP vulnerability Rodney Joffe (Apr 20)
- Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability John Brown (CV) (Apr 20)