RE: key change for TCP-MD5

Another potential attack is an attempt to insert information
into a BGP session, such as to introduce bogus routes, or to
even become a "man in the middle" of a BGP session. One issue
that worries me about this is that if this allows routing to
be compromised, then I can figure out how to make money off
of this (and if I can think of it, someone even nastier will
probably also think of this). Of course this would be much
more difficult to pull off, and might require viewing packets
between routers to pull off, but if pulled off and not
quickly detected could be unfortunate.

Ross

This one is hard to pull off. I think the general conclusion
a couple years ago in the study that Sean Convery and Matt Franz
did was that it was less work to try to own the router or buy your
own AS :wink:

Bora

This one is hard to pull off. I think the general conclusion
a couple years ago in the study that Sean Convery and Matt Franz
did was that it was less work to try to own the router or buy your
own AS :wink:

this is the "you don't have to run faster than the lion, you
just have to run faster than your friend," theory. as those
who survived to report are a biased sample, it is not well
tested.

black hats are opportunistic, but not lazy. they look for
cracks with mamzing diligence. e.g the recent brilliant
post on cracking the xbox
<http://www.xbox-linux.org/wiki/17_Mistakes_Microsoft_Made_in_the_Xbox_Security_System>.

when low-hanging fruit is unavailable, or when they see a
really cool way to exploit the higher fruit, it would be
prudent to have done something about it. who cares about
openly recursive dns servers? there are easier ways to
crack the host. oops!

unfortunately, this is not just theory. few talk about the
serious routing attacks that have been seen.

randy

There is a fine line between being dilligent about security, and wasting
your time trying to solve problems that don't exist, which I think has
been crossed in the discussion.

Not to venture too far away from facts and into the realm of cute
soundbites and quotable one-liners about lions and fruit, but let me
propose what I think is a good one:

If the bad guys have copies of your MD5 passwords, then you have way
bigger problems than the bad guys having copies of your MD5 passwords.

I have yet to hear a reasonable counter-argument to this. If there is one
out there that had not yet been made then by all means now is the time to
make it. Otherwise, you would really be better served by devoting your
time and energy into solving real problems. If you're running low on real
problems to solve, I would be happy to send you some of mine. :slight_smile:

While TCP-MD5 could be useful in some cases (mainly in Internet Exchanges), I mostly agree with RAS that the big picture isn't necessarily clear.

Hence, this is my chance to plug my view of it:

http://www.ietf.org/internet-drafts/draft-savola-rtgwg-backbone-attacks-01.txt

It's a short document, less than 15 pages. Comments are welcome.

The goal of the document is to be able to better convey the real story both between the operator-operator and operator-IETF interfaces :slight_smile: