Nah, they aren't asking about the other things, and only the order of operations which vary per vendor will matter.
If I am reading correctly, they aren't asking about only successful MD5 attacks, but MD5 attacks in general. All the rest of your listed security configurations would be 'extra' router demographics. -Garrett On Wed, Aug 15, 2018, 06:43 Lotia, Pratik M <pratik.lo...@charter.com> wrote: > Just to point out - > Data about md5 attacks from various organizations will depend on a number > of factors such as - > Is BGP TTL Security check being done? > Are anti-spoofing ACLs enabled? > uRPF enabled? Strict or Loose? > BGP Session over a separate interface (tunnel)? > > > > With Gratitude, > > > Pratik Lotia | Security Engineer | Advanced Engineering Security > Charter Communications > > "A satisfied customer is the best business strategy of all." > > -----Original Message----- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Randy Bush > Sent: Tuesday, August 14, 2018 3:39 PM > To: North American Network Operators' Group > Subject: tcp md5 bgp attacks? > > so we started to wonder if, since we started protecting our bgp > sessions with md5 (in the 1990s), are there still folk trying to > attack? > > we were unable to find bgp mib counters. there are igp interface > counters, but that was not our immediate interest. we did find > that md5 failures are logged. > > looking at my logs for a few years, i find essentially nothing; > two 'attackers,' one my own ibgp peer, and one that noted evildoer > rob thomas, bgprs01.ord08.cymru.com. > > we would be interested in data from others. > > note that we are neither contemplating nor suggesting removing md5 > from [y]our bgp sessions. > > randy > E-MAIL CONFIDENTIALITY NOTICE: > The contents of this e-mail message and any attachments are intended > solely for the addressee(s) and may contain confidential and/or legally > privileged information. If you are not the intended recipient of this > message or if this message has been addressed to you in error, please > immediately alert the sender by reply e-mail and then delete this message > and any attachments. If you are not the intended recipient, you are > notified that any use, dissemination, distribution, copying, or storage of > this message or any attachment is strictly prohibited. > >
