Monday, 15 February 2016
BGP - Security Hack
iBGP sending packet with value with TTL of 255
eBGP sending packet with value with TTL of 1
However:
BGP will accept packet with a TTL of any value if equal 1 or larger
It can be protected by ACL or by using MD5 hashing for BGP session.
Or by using RFC 3682:
neighbor X>X>X>X ttl-security hops 5
(this will accept packet with TTL value of minimum 250 )
More on:
Protecting Border Gateway Protocol for the Enterprise
1.1 Switched campus 1.1.a Switch administration 1.1.a i Managing MAC address table Show Commands: Switch#show mac address-table ? address ...
-
After changing configuration on Juniper SRX and trying to save config with commit cli I have receive error below: root# commit [edit]...
-
Some time is necessary to find out MAC address of interface on firewall to troubleshoot connectivity. On Palo Alto firewall log in ...