OSPF Security Vulnerabilities Analysis

Document Type Expired Internet-Draft (rpsec WG)
Last updated 2006-06-19
Stream IETF
Intended RFC status (None)
Expired & archived
plain text pdf html
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Internet infrastructure protocols were designed at the very early stages of computer networks when "cyberspace" was still perceived as a benign environment. As a consequence, malicious attacks were not considered to be a major risk when these protocols were designed, leaving today's Internet vulnerable. This paper provides an analysis of OSPF vulnerabilities that could be exploited to modify the normal routing process across a single domain together with an assessment of when internal OSPF mechanisms can or cannot be leveraged to better secure a domain.


Emanuele Jones (emanuele.jones@alcatel.com)
Olivier Le Moigne (olivier.le_moigne@alcatel.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)