[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: PI/metro/geo [Re: The state of IPv6 multihoming development]
On Tue, 5 Nov 2002, Michel Py wrote:
> >> I've seen forged RSTs to take out the BGP session also,
> >> but the earliest attack I saw involved somone stealing
> >> a BGP TCP session and then injecting false routing
> >> information. Operators who don't have BGP TCP MD5
> >> deployed are at serious operational risk these days.
> > Peter R. Tattam wrote:
> > I thought this was a man-on-the-side attack, not
> > man-in-the-middle
> I am no expert in attack classification, but can you explain why? I have
> done that myself once in the lab, and it was a MITM as far as I am
> concerned: Get in the middle, intercept the traffic from the mark to the
> peer and vice versa, and inject yours instead.
Ok. I think the classification is bogus. I only characterize a man in the
middle as being one who can intercept packets going in both directions at the
time of the initial attack. If a man on the side attack results in the traffic
ending up being man in the middle, I don't think that qualifies.
It helps to be accurate with the terminology - it prevents confusion.
Peter R. Tattam firstname.lastname@example.org
Managing Director, Trumpet Software International Pty Ltd
Hobart, Australia, Ph. +61-3-6245-0220, Fax +61-3-62450210