> And for something like a huge download to just a regular joe, this is more
> of a nuisance, assuming some kiddie has access between you and the
> server. OTOH, long-lived BGP sessions are affected, assuming you are
> going across a hostile path to your peer.
Again - no hostile path necessary. Attack is brute-force and does not rely
> So what's all this ado about nothing? Local media made it appear we are
> all about to die.
> Is anyone working on some fix?
In the networking world, there was a craze of enabling TCP-MD5 for BGP
sessions in reaction to this attack. There is an alternative solution, the
"TTL hack", relying on the fact that most BGP sessions are between
directly-connected routers, so if the connection originator sets the TTL to
255 and the receiver verifies that the TTL on an incoming packet is 255, you
can be reasonably certain that the packet was sent by someone directly
connected to you. ;)
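
The TTL check described in the message above, as an added example that is not part of the original post: it builds IPv4 headers, applies the per-hop TTL decrement a router performs, and runs the receiver-side test for TTL 255. The addresses (documentation range), function names and packets are constructed for illustration.

```python
import struct

GTSM_TTL = 255                           # TTL the receiver insists on
PEER, ME = "192.0.2.1", "192.0.2.2"      # constructed addresses

def checksum(hdr):
    """RFC 791 header checksum; returns 0 when run over a valid header."""
    total = sum(struct.unpack("!10H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def with_checksum(hdr):
    """Fill in the checksum field of a header whose field is currently zero."""
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def ipv4_header(src, dst, ttl):
    """Minimal 20-byte IPv4 header carrying TCP (protocol 6)."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    return with_checksum(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0,
                                     ttl, 6, 0, addr(src), addr(dst)))

def forward(pkt):
    """One router hop: decrement TTL, drop if it would reach zero."""
    if pkt[8] <= 1:
        return None
    return with_checksum(pkt[:8] + bytes([pkt[8] - 1]) + pkt[9:10]
                         + b"\x00\x00" + pkt[12:])

def arrives_after(src, dst, ttl, hops):
    """Header as the receiver sees it after `hops` routers, or None if dropped."""
    pkt = ipv4_header(src, dst, ttl)
    for _ in range(hops):
        pkt = forward(pkt)
        if pkt is None:
            return None
    return pkt

def accept(pkt, peer):
    """Receiver side: expected source, intact header, and TTL still 255."""
    if pkt is None or checksum(pkt) != 0:
        return False
    src = ".".join(str(b) for b in pkt[12:16])
    return src == peer and pkt[8] == GTSM_TTL

if __name__ == "__main__":
    for hops in (0, 1, 5):
        # Source address is the peer's in every case; only the path length differs.
        print(hops, "hops ->", accept(arrives_after(PEER, ME, 255, hops), PEER))
```

Because the TTL field is 8 bits, a sender cannot start above 255, so a packet with a forged peer address that crosses even one router arrives at 254 or lower. A directly connected peer that leaves its TTL at a default such as 64 is rejected as well, which is why both ends of the session have to be configured.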