[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
On Tue, 5 Nov 2002, RJ Atkinson wrote:
> > My point is that becoming a man in the middle is
> > not an easy thing to do in general.
> My point is that it so easy to do that it is a common attack throughout
> today's Internet.
Can you point me to something that might convince me of this?
> Common enough that BGP added an MD5 authentication option
> to prevent man-in-the-middle attacks on BGP.
I've never heard of this actually happening. Also, the MD5 option
provides protection against spoofed RSTs.
> And common enough that we
> need to really worry about with the current Internet.
If man in the middle really is common we need to go down to layer 0 and
implement some protection there. Crypto helps sell CPUs but a man in the
middle can still disrupt your traffic so crypto isn't enough.
> That aside, pretending these attacks are hard to implement or not
> common on the deployed Internet is harmful because they are EASY to implement
> and have been COMMONPLACE in the real world for several years now.
Obviously we use different defenitions of these terms.
> I don't discuss implementation details of any attack ever, but I will
> note that all the information needed to code up a man-in-the-middle
> attack is available online and/or in published papers.
Performing the attack once you're in position is trivial. Tampering with
the infrastructure so you can receive and send packets while at the same
time the real destination/source is unable to, and doing this without
being detected, is hard, except in some places at the edge of the