Secure dynamic routing

Did you know that OSPF has it’s own security features?

A major risk in a dynamically routed environment is that rogue routes are injected into the network which could result in that the communications can be hijacked. This can happen by accident i.e. through misconfiguration or misconnection of a router, which can impact the traffic flow of the network. The effects can be devastating causing major parts of the application to go down. In the worst case the router is introduced to the network for malicious reason in order to steal application data or injecting rogue commands to a control system.

The risk can be mitigated by using the built-in security features of WeOS OSPF. OSPF in WeOS support two ways of authenticating all OSPF messaging in the network, plain and MD5 authentication. Plain authentication will prevent accidental injection of routes that do not share the same credentials as the rest of the network. However the key will be sent in plain text so a malicious attacker will be able to extract the password from the OSPF messages. Alternatively MD5 authentication can be used to secure the OSPF messages.  The OSPF message is protected with a cryptographic checksum.  If an OSPF message is received without the correct signature, the message will be rejected.

Carl de Bruin

International sales

Ask me about network security

Bitte geben Sie Ihre Nachricht ein

Bitte gültige Mail Adresse eingeben

Bitte gültige Telefonnummer eingeben

Kontaktdaten

Bitte geben Sie Ihre E-Mail-Adresse ein, um die Datei herunterzuladen


Vielen Dank! Eine E-Mail ist auf dem Weg zu Ihnen.

Etwas ist schief gelaufen! Bitte versuchen Sie es später erneut.