bgpd - tcp md5 signatures


bgp sessions are not really authenticated - just IP based access control
An attacker could send a bgp notification message with a faked source address, resetting the connection -> DoS
Worse: an attacker could probably send forged routing updates and redirect traffic to his own systems...