Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
293
Views
0
Helpful
4
Replies

BGP Denial Of Service Vulnerability??

NPT_2
Level 2
Level 2

‎04-20-2004 12:15 PM - edited ‎03-02-2019 03:07 PM

I just received an email from one of our upstream ISP's about a new vulnerability that could cause a reset of BGP sessions possibly usable in a Denial of Service attack. They referenced the URL http://www.uniras.gov.uk/vuls/2004/236929/index.htm

Which seems to indicate a recomendation of using MD5 signature option on BGP peering points.

A couple questions regarding this:

How serious of an issue is this, and should MD5 encryption be setup on BGP peers?

and

What are the requirements (IOS version and FeatureSet) for this, and how is it setup?

Labels:
0 Helpful
4 Replies 4

Harold Ritter
Cisco Employee
Cisco Employee

‎04-20-2004 02:35 PM

A Security Advisory has just been released on CO this afternoon. Please refer to the following link.

http://www.cisco.com/warp/public/707/advisory.html

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

danne
Level 1
Level 1
In response to Harold Ritter

‎04-22-2004 01:22 AM

Hi,

It seems like everybody is focusing on BGP, is the advisory also valid for other protocols like LDP and DLSW etc.. Does the repaired code also include fixes for the above protocols ?

/ Daniel

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to danne

‎04-22-2004 03:30 AM

The reason everybody talks about BGP is that it is certainly the most widely deployed of them and at the same time the one that causes the most disruption. To answer your question, the fix changes the TCP behavior from RFC793 to the more specific one described in draft-ietf-tcpm-tcpsecure-00.txt tererefore it addresses the issue from a TCP standpoint.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

NPT_2
Level 2
Level 2
In response to Harold Ritter

‎04-22-2004 07:21 AM

Looking at the security advisory at http://www.cisco.com/en/US/customer/products/products_security_advisory09186a008021bc62.shtml

I see that for version 12.3 Mainline code it shows that the rebuild version for a fix is 12.3(6). Does 12.3(6a) also include the fixes, I was going to load 12.3(6) but it showed multiple bugs that I decided it would be best to go to the latest 12.3(6a). Will 12.3(6a) include the fixes or would I have to actually use 12.3(6)?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents