05-29-2018 11:43 AM - edited 03-08-2019 03:10 PM
Which type of attack can be mitigated by authenticating a routing protocol? I know that we use authentication for OSPF, BGP, etc. to prevent attacks, but what attacks does authentication prevent?
Thank you,
Solved! Go to Solution.
06-06-2018 11:55 AM
Robert
Thanks for clarifying that the context of this question was preparation for a certification exam. It is unfortunate that the two sources do not agree. I am not sure about it but if I had to choose between those two alternatives my sense is that it is more likely recon that is not mitigated. Perhaps someone else in the community might have some insight.
HTH
Rick
05-29-2018 12:07 PM
It would be an attack in which a bad actor injects incorrect routes into the network routing table by sending what appear to be routing updates for the routing protocol used in that network OSPF, BGP, etc.
HTH
Rick
05-29-2018 12:19 PM
So would you say that these types of attacks are mitigated?
Man-in-the-middle
Spoofing
Denial of service
Reconnaissance
05-30-2018 06:58 AM
Depending on how you define it, you might think that spoofing was mitigated if you think of inserting incorrect routing protocol updates as pretending to come from a regular router in the network as spoofing. But the generally used understanding of spoofing is to send packets where you have falsified the source address to that it appears to come from somewhere not where it really came from. So realistically I would say that none of the attacks that you mention are mitigated if the routing protocol uses authentication.
HTH
Rick
06-06-2018 09:56 AM
Thanks Richard. In going through training for IINS 210-260, the Cisco e-learning has reconnaisance attack as the one that is not mitigated. The Official Certification Guide says it is spoofing that is not mitigated. Go figure that they contradict, so I thought I would ask the community.
Thanks again,
Robert
06-06-2018 11:55 AM
Robert
Thanks for clarifying that the context of this question was preparation for a certification exam. It is unfortunate that the two sources do not agree. I am not sure about it but if I had to choose between those two alternatives my sense is that it is more likely recon that is not mitigated. Perhaps someone else in the community might have some insight.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: