lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: erey at (Enno Rey)
Subject: MPLS Security


On Fri, Nov 28, 2003 at 09:57:31AM +0100, Magnus Eriksson wrote:
> IndianZ wrote:
> >After deep-searching Google and other search engines I only found 2 
> >articles about MPLS Security (SANS and CISCO). Is that really all (or is 
> >this kind of information closed to the public)?
> >
> >Does anybody know more about MPLS Vulnerabilities and what to/how to 
> >pentest in a MPLS architecture? Any input about tools, hints and tricks is
> >welcome...
> I haven't heard of any vuln. specifically for MPLS.

some months ago I put up an MPLS risk analysis table during a project.
I can't publish it yet (as there are sensitive customer data in it) but will do so in the near future (anonymized).
These are the URLs I used in the reference; by them you should be able get a rough overview of the 'security aspects' of MPLS.


Enno Rey

ERNW Enno Rey Netzwerke GmbH - Zaehringerstr. 46 - 69115 Heidelberg
Tel. +49 6221 480390 - Fax 6221 419008 - Mobil +49 173 6745902 - PGP E5CB 9505 EA06 6380 6F12  DE3E 624E 1334 326B B70C

[1] NSA Guide:
[2]: Secure IOS Template:
[3]: Cisco Dokument ?Improving Security on Cisco Routers?:
[4]: Cisco Dokument ?Security of the MPLS Architecture?:
[5] Juniper Dokument ?JUNOS Router Security?:
[6] BT Dokument ?Carrier requirements of core IP routers 2002?: 
[7] Cisco Networkers Session SEC-370 (2001) ?Understanding MPLS/VPN Security Issues?:
[8] Cisco Dokument ?LS MPLS/VPN Security Considerations?:
[9] MPLS LDP Inbound Label Binding Filtering:
[10] VRF maximum routes:
[11] Cisco Dokument ?Key Management von Routing-Protokollen?:
[12] Cisco Dokument ?BGP maximum-prefix?:
[13] Cisco ISP Essentials:

Powered by blists - more mailing lists