Re: [OSPF] OSPF - Owning the Routing Table Attack

Uma Chunduri <uma.chunduri@ericsson.com> Fri, 02 August 2013 18:06 UTC

Return-Path: <uma.chunduri@ericsson.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4953311E8127 for <ospf@ietfa.amsl.com>; Fri, 2 Aug 2013 11:06:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VJCYICRMqvyx for <ospf@ietfa.amsl.com>; Fri, 2 Aug 2013 11:06:43 -0700 (PDT)
Received: from usevmg21.ericsson.net (usevmg21.ericsson.net [198.24.6.65]) by ietfa.amsl.com (Postfix) with ESMTP id 8304311E8101 for <ospf@ietf.org>; Fri, 2 Aug 2013 11:06:15 -0700 (PDT)
X-AuditID: c6180641-b7f986d000007a82-78-51fbf511bfca
Received: from EUSAAHC004.ericsson.se (Unknown_Domain [147.117.188.84]) by usevmg21.ericsson.net (Symantec Mail Security) with SMTP id 3B.92.31362.115FBF15; Fri, 2 Aug 2013 20:06:10 +0200 (CEST)
Received: from EUSAAMB105.ericsson.se ([147.117.188.122]) by EUSAAHC004.ericsson.se ([147.117.188.84]) with mapi id 14.02.0328.009; Fri, 2 Aug 2013 14:06:09 -0400
From: Uma Chunduri <uma.chunduri@ericsson.com>
To: Michael Barnes <mjbarnes@cisco.com>, "ospf@ietf.org" <ospf@ietf.org>
Thread-Topic: [OSPF] OSPF - Owning the Routing Table Attack
Thread-Index: AQHOj58i/36FKErcrkCmoibJVlArvpmCdwOA//++I6A=
Date: Fri, 2 Aug 2013 18:06:09 +0000
Message-ID: <1B502206DFA0C544B7A604691520086317449920@eusaamb105.ericsson.se>
References: <CAPLq3UNWoff2pSe9fkWsBmfW3b-CfKe9iUiPMWBNZKe=jXn0KQ@mail.gmail.com> <51FBF2C7.2080706@cisco.com>
In-Reply-To: <51FBF2C7.2080706@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [155.53.73.25]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrALMWRmVeSWpSXmKPExsUyuXRPiK7Q19+BBqe6BSwWr3vFYtFy7x67 A5PHlN8bWT2WLPnJFMAUxWWTkpqTWZZapG+XwJVx8rVhQTNzxbd1TWwNjJuZuhg5OSQETCSa ZmxkhbDFJC7cW8/WxcjFISRwlFFi/+2/LBDOMkaJG9P6wDrYBPQkPk79yQ5iiwh4SOw7v4IZ xBYWsJL4sH4BUA0HUNxa4vl8P4gSK4ntsxvAFrAIqEgcvnAOzOYV8JXYc2862BghgXyJh7tO gY3hFNCUeLv/DRuIzQh00PdTa8DWMguIS9x6Mh/qaAGJJXvOM0PYohIvH/+DekBBYmvbdqh6 HYkFuz+xQdjaEssWvmaG2CsocXLmE5YJjKKzkIydhaRlFpKWWUhaFjCyrGLkKC1OLctNNzLc xAiMhWMSbI47GBd8sjzEKM3BoiTOu0HvTKCQQHpiSWp2ampBalF8UWlOavEhRiYOTqkGxslm j+K4Jz6XKNTlmHL8ouT3R1neQR7sx7qZAn+4X7xunbWTM/kRW2gWu3OASI5L+ISlCoLlLAte skZuvFF2reLu9/zS67PUN83L+FWiEfH/s1Hah7DfC1gEtvx2SfvyK+PS2sj7iXf+1B/yz555 Xn/18toGS+8bkQbafPN5qn+b/NAy0A06r8RSnJFoqMVcVJwIAO4KxR5TAgAA
Subject: Re: [OSPF] OSPF - Owning the Routing Table Attack
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Aug 2013 18:06:50 -0000

>>What would be interesting to me, would be a way to attack OSPF when 
>>SHA-256 authentication is deployed, beyond the known replay attacks.

Doesn't matter what auth algo is used for their work; if same key is used 
on all interfaces and it is compromised/got access some how (insider) 
- It's not hard to create the issues the posting documented.

$0.02
--
Uma C.