From: Scott Morris (smorris@internetworkexpert.com)
Date: Sat Jan 10 2009 - 15:39:34 ARST
Always check the beginning of your lab (first page) for the rules of
engagement. Things like "All passwords will be CISCO unless otherwise
mentioned" are incredibly important!
HTH,
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
mihai.grigore@onlinehome.de
Sent: Saturday, January 10, 2009 11:32 AM
To: ccielab@groupstudy.com
Subject: BGP authentication but password not given !!
Respected fellow Experts,
I have a task asking about a BGP peering to a backbone router (IE WB vol2
Lab16, Task 4.1). The beauty of this task is that the backbone router is
using
MD5 authentication, but the task does not mention the password. This is part
of
the candidate hardening procedure.... :-)
On my router, I have enabled debugging for TCP transactions and this is what
I
can see:
Lab16_R2#deb ip tcp tra
*Jan 10 12:33:14.561: TCB85961AE8 setting property TCP_MD5KEY (5) 0 <<< I
am
using no MD5
(output ommited)
*Jan 10 12:33:24.300: MD5 received, but NOT expected from 192.10.1.254:179
to
192.10.1.2:31253
So, the BB2 router is sending me MD5 key and I cannot know what this is from
the debug above. By the way, is there any way how to see the password?
For the Lab, what to do in such a situation? Ask the proctor what the
password
would be?
TIA,
Mihai
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:37 ARST