Date: Tue, 20 Apr 2004 20:11:31 -0400 From: Mike Tancsa <mike@sentex.net> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: freebsd-security@freebsd.org Subject: Re: TCP RST attack Message-ID: <6.0.3.0.0.20040420200911.08a87fa8@209.112.4.2> In-Reply-To: <20040421000254.GK724@empiric.dek.spc.org> References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2> <593EE0FE-9309-11D8-A8CA-003065ABFD92@mac.com> <200404202045.i3KKjKSb090656@apollo.backplane.com> <20040421000254.GK724@empiric.dek.spc.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:02 PM 20/04/2004, Bruce M Simpson wrote:
>On Tue, Apr 20, 2004 at 01:45:20PM -0700, Matthew Dillon wrote:
> > 99.9% of all BGP links are direct connections (meaning that they
> > terminate at a router rather then pass through one). No packet to
> > or from port 179 has any business being routed from one network to
> > another in virtually all BGP link setups so the fix is utterly trivial.
>
>This isn't necessarily the case with eBGP multihop or route-server based
>setups.
Cogent and 360/GT both like to do ebgp multihop by default.
---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.3.0.0.20040420200911.08a87fa8>