On 01/10/2017 04:28, Christopher Morrow wrote: > On Sat, Sep 30, 2017 at 12:47 PM, Ken Chase <m...@sizone.org> wrote: > >> I dont see that as the solution. Someone else will offend again. >> >> However, I also don't see trusting major backbones as our filters (for many >> other reasons). Our software should be handling what's effectively a >> buffer overflow >> or equivalent (beware long paths that are actually shellcode). >> >> Quagga among others seems to be subject to this bug, pre 0.99.23 or so >> (.99.24+ seems ok). So upgrading is a solution. >> >> > ii quagga 0.99.22.4-3ubu i386 BGP/OSPF/RIP routing > daemon > > interestingly enough that isn't crashlooping nor is it bouncing bgp > sessions:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1572 Quagga 0.99.11 and earlier affected. Fixed in 2009. -Hank > 192.168.100.100 4 MYASN 1642717 8864 0 0 0 2d23h32m > 672475 > > and it's happily showing me the route even... > > There was also some chatter on the quagga mailing list on how it's more >> pleasant to stab your eyeballs out rather than constructing extremely long >> regexp's that might work as a filter. >> >> https://lists.quagga.net/pipermail/quagga-users/2017-September/thread.html >> >> /kc >> >> >> On Sat, Sep 30, 2017 at 05:30:03PM +0200, Niels Raijer said: >> >My message to NANOG about this from 12:31 UTC today is still in the >> moderation queue. I had opened a support case with Cogent before writing my >> message to NANOG and Cogent has let me know approximately 40 minutes ago >> that they have contacted their customer. >> > >> >Niels >> > >> > >> > >> >On 30 Sep 2017, at 17:09, sth...@nethelp.no wrote: >> > >> >>> If you're on cogent, since 22:30 UTC yesterday or so this has been >> happening >> >>> (or happened). >> >> >> >> Still happening here. I count 562 prepends (563 * 262197) in the >> >> advertisement we receive from Cogent. I see no good reason why we >> >> should accept that many prepends. >> >> >> >> Steinar Haug, Nethelp consulting, sth...@nethelp.no >> > >> >> -- >> Ken Chase - m...@sizone.org Guelph Canada >>
