BGP后门

Posted 2020-10-31

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了BGP后门相关的知识，希望对你有一定的参考价值。

如图，R1在AS1中，R2,R3,R4在一个大AS100中（R2,R3在AS23中，R4在AS4中），5在AS5中。技术分享图片
R4,R5之间的环回用EIGRP建立邻居关系，R4,R5建立EBGP关系，邻居关系有的时候DOWN,有的时候UP
解决方法--BGP后门
R4#
Apr 12 20:47:46.939: %BGP-5-ADJCHANGE: neighbor 5.5.5.5 Down Peer closed the session
R4#
Apr 12 20:47:49.707: %BGP-5-ADJCHANGE: neighbor 5.5.5.5 Up
R4#
Apr 12 20:47:46.263: %BGP-5-ADJCHANGE: neighbor 4.4.4.4 Down BGP Notification sent
R5#
Apr 12 20:47:46.263: %BGP-3-NOTIFICATION: sent to neighbor 4.4.4.4 4/0 (hold time expired) 0 bytes
R5#
*Apr 12 20:47:49.283: %BGP-5-ADJCHANGE: neighbor 4.4.4.4 Up
R5#
R4#show run | s bgp
router bgp 23
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 4.4.4.4 mask 255.255.255.255
neighbor 2.2.2.2 remote-as 23
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 3.3.3.3 remote-as 23
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 5.5.5.5 remote-as 5
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
no auto-summary
R4#show run | s eigrp
router eigrp 23
network 4.4.4.4 0.0.0.0
network 24.1.1.4 0.0.0.0
network 34.1.1.4 0.0.0.0
network 45.1.1.4 0.0.0.0
network 45.0.0.0
no auto-summary
R5#show run | s bgp
router bgp 5
no synchronization
bgp log-neighbor-changes
network 5.5.5.5 mask 255.255.255.255
neighbor 4.4.4.4 remote-as 23
neighbor 4.4.4.4 ebgp-multihop 255
neighbor 4.4.4.4 update-source Loopback0
no auto-summary
R5#show run | s ei
R5#show run | s eigr
R5#show run | s eigrp
router eigrp 23
network 5.5.5.5 0.0.0.0
network 45.1.1.5 0.0.0.0
no auto-summary
R5#

solution
R4#show run | s bgp
router bgp 23
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 5.5.5.5 mask 255.255.255.255 backdoor
neighbor 2.2.2.2 remote-as 23
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 3.3.3.3 remote-as 23
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 5.5.5.5 remote-as 5
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
no auto-summary
R4#show run | s bgp
router bgp 23
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 5.5.5.5 mask 255.255.255.255 backdoor
neighbor 2.2.2.2 remote-as 23
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 3.3.3.3 remote-as 23
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 5.5.5.5 remote-as 5
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
no auto-summary

以上是关于BGP后门的主要内容，如果未能解决你的问题，请参考以下文章

如何查看一个PHP源码是不是有后门？

什么是后门病毒?

PHP加密后门特征，如何找出后门？

20145306 《网络攻防》后门原理与应用

电脑网络中的“后门”是啥意思？

黑客中说的后门啥意思