ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard

2016-07-02 05:44:21
from [Randy Bush] [Permanent Link] 
and you are kinda peotected by the community not being well-known,
i.e. different for each upstream. the attacker has to know the
community for each upstream and be able to not only inject the prefix
but also tag it with the correct community for each upstream.


Your argument comes down to "security through obscurity"


no.  non-transitiveness through local naming, the reason this has not
allowed serious damage in current practice.

randy
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard, Job Snijders
Next by Date:  Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard, Marco Marzetti
Previous by Thread:  Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard, Job Snijders
Next by Thread:  Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard, heasley
Indexes:  [Date] [Thread] [Top] [All Lists]