[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OSPF Vulnerability - Owning the Routing Table

Subject: OSPF Vulnerability - Owning the Routing Table
From: mysidia at gmail.com (Jimmy Hess)
Date: Sat, 3 Aug 2013 18:38:39 -0500
In-reply-to: <CAO1bj=ZZ3pQHhduj+C-BREjKo5K6dYghhvtbooKnB+JB3uJcTQ@mail.gmail.com>
References: <CAPLq3UO1L3dgAoVFSmvsXimQK9F93UF_757XF9hO9QpJW_7x+Q@mail.gmail.com> <CAO1bj=ZZ3pQHhduj+C-BREjKo5K6dYghhvtbooKnB+JB3uJcTQ@mail.gmail.com>

On 8/2/13, Aled Morris <aledm at qix.co.uk> wrote:
> Cisco published an advisory on OSPF vulnerability yesterday I think.  I
> assume it's related.
OSPF is a dynamic routing protocol.  It automatically discovers
neighbors on a multi-access segment claiming to be routers.

In what way could it possibly be unexpected that an attacker can pose
as a router and inject false routes;  if an attacker able to emit
multicast to OSPF multicast address onto a LAN speaking OSPF?

That's not news to me, but fully expected.
Do the vendors /really/  have a code fix to  what would seem to be an
inherent problem;  if you failed to properly secure your OSPF
implementation (via MD5 authentication)?

> OSPFv3 is not vulnerable, and connections protected by MD5 are safe too,
> apparently.
>
> Aled
--
-JH

Follow-Ups:
- OSPF Vulnerability - Owning the Routing Table
  - From: saku at ytti.fi (Saku Ytti)

References:
- OSPF Vulnerability - Owning the Routing Table
  - From: glen.kent at gmail.com (Glen Kent)
- OSPF Vulnerability - Owning the Routing Table
  - From: aledm at qix.co.uk (Aled Morris)

Prev by Date: OSPF Vulnerability - Owning the Routing Table
Next by Date: IP allocations / bogon - verification
Previous by thread: OSPF Vulnerability - Owning the Routing Table
Next by thread: OSPF Vulnerability - Owning the Routing Table
Index(es):
- Date
- Thread