Re: Security hole in RIP-2
Oliver Korfmacher <okorf@netcs.com> Thu, 04 February 1993 17:22 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa07524; 4 Feb 93 12:22 EST
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa07520; 4 Feb 93 12:22 EST
Received: from atlas.xylogics.com by CNRI.Reston.VA.US id aa13580; 4 Feb 93 12:22 EST
Received: by atlas.xylogics.com id AA04345 (5.65c/UK-2.1-930202); Thu, 4 Feb 1993 12:26:12 -0500
Received: from thuer.netcs.com by atlas.xylogics.com with SMTP id AA09774 (5.65c/UK-2.1-930202); Thu, 4 Feb 1993 12:25:55 -0500
Received: from keks.netcs.com by thuer.netcs.com with SMTP (5.67a8+/25-eef) id AA04979; Thu, 4 Feb 1993 18:20:55 +0100
Received: by keks.netcs.com (5.65/25-eef) id AA04425; Thu, 4 Feb 93 18:20:28 +0100
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Oliver Korfmacher <okorf@netcs.com>
Message-Id: <9302041720.AA04425@keks.netcs.com>
Subject: Re: Security hole in RIP-2
To: ietf-rip@xylogics.com
Date: Thu, 04 Feb 1993 18:20:27 -0000
X-Mailer: ELM [version 2.2 PL0]
X-Charset: ASCII
X-Char-Esc: 29
> There is a potential security hole in the RIP-2 authentication caused
> by the backwards compatibility rules.
> [..]
> There are two solutions. Ideally, the router has to be smart enough to
> answer a RIP-1 query with a RIP-1 response, which may not be easy for
> some implementations.
Hmm. I can't see why is is the case? It is of course clearly recognizable,
what version is requesting? But I also agree: this should be mentioned in
a comment.
Oliver
Oliver Korfmacher (okorf@netcs.com, whois OK11)
- Security hole in RIP-2 Gary Scott Malkin
- Re: Security hole in RIP-2 Noel Chiappa
- Re: Security hole in RIP-2 Oliver Korfmacher
- Re: Security hole in RIP-2 Jeffrey C Honig
- Re: implementation detail Jeffrey C Honig
- Re: minutes of RIPv2 meeting in Amsterdam Jeffrey C Honig
- Re: Document updates Jeffrey C Honig
- Re: Clarification of when authentication is used Jeffrey C Honig