RE: threats ID
IMHO both drafts complement each other pretty well because Erik & Tony's
draft essentially analyzes the threats from an IP layer perspective and
Masataka's draft analyzes the threats from a transport layer perspective.
After some mail exchanges with Pekka N., my understanding is that there
is an important distinction to be made between these two cases when
considering the hijacking attack. The point is that in transport layer
solutions, the hijack attack is limited to the existing established
connection, while in the IP layer (shim layer also) solutions the attack
applies to the complete endnode. Because the attack applies to the endnode,
the attacker can do things like establishing a connection creating some state
so that future communications initiated by the victim are also redirected.
That is, in IP layer solutions the complete identity of the victim is
hijacked for all the applications and for all the communications,
pre-established or future communications (as long as the malicious state
exists in the victim).
This implies that the risk is very different in one case than in the other
one and different security solutions are required.
So I guess that I agree with Masataka that a return routability check with a
cookie is enough to redirect a connection, but IMHO this is not enough to
redirect a complete identity at the IP layer level.
I mean time shifting attacks may be acceptable as long as they can only affect
> -----Original Message-----
> From: firstname.lastname@example.org [mailto:email@example.com] On
> behalf of Brian E Carpenter
> Sent: Monday, 19 January 2004 14:23
> To: Masataka Ohta
> CC: Multi6 List
> Subject: Re: threats ID
> Thanks. Since this is fairly short, I hope we can integrate
> it in draft-nordmark-multi6-threats-00.txt if people agree
> with your analysis.
> Masataka Ohta wrote:
> > Below is a threats analysis draft ID.
> > Masataka Ohta
> > --
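The scope distinction argued in the message above (a hijack of one transport connection versus a hijack of the whole identity at the IP/shim layer) and the return-routability cookie check it mentions, as an added toy model that is not part of the thread or of either draft. The network, the node names, the locator strings and the `request_rebind`/`receive_echo` exchange are all constructed for this illustration and are not taken from any protocol specification; the model only shows how far an accepted rebinding reaches in each design and why an off-path party that cannot receive at the claimed new locator cannot complete the cookie check.

```python
import secrets


class Network:
    """Constructed toy network: every locator is owned by one node, and a
    datagram sent to a locator lands only in that node's inbox, so a node
    that does not own a locator (an off-path party) never sees it."""

    def __init__(self):
        self.owners = {}

    def attach(self, node, locator):
        self.owners[locator] = node

    def send(self, locator, msg):
        node = self.owners.get(locator)
        if node is not None:
            node.inbox.append(msg)


class Node:
    def __init__(self, name):
        self.name = name
        self.inbox = []


class Endpoint(Node):
    """The endnode whose view of a peer's locator can be rebound.

    Two binding tables model the two designs discussed in the thread:
      * conn_locator: one binding per connection (transport-layer solution)
      * identity_locator: one binding per peer identity, shared by every
        connection with that peer, present and future (IP/shim-layer solution)
    Either table is updated only after a fresh random cookie, sent to the
    claimed new locator, is echoed back (a return-routability check).
    """

    def __init__(self, name, net):
        super().__init__(name)
        self.net = net
        self.pending = {}           # cookie -> (scope, key, new_locator)
        self.connections = {}       # conn_id -> peer identity
        self.conn_locator = {}      # conn_id -> locator (transport-layer view)
        self.identity_locator = {}  # identity -> locator (IP-layer view)

    def open_connection(self, conn_id, identity):
        self.connections[conn_id] = identity
        self.conn_locator[conn_id] = self.identity_locator[identity]

    def resolve(self, conn_id, layer):
        """Locator used for conn_id under the given design ("transport" or "ip")."""
        if layer == "transport":
            return self.conn_locator[conn_id]
        return self.identity_locator[self.connections[conn_id]]

    def request_rebind(self, scope, key, new_locator):
        """Someone claims key (a conn_id or an identity) now lives at new_locator.
        Nothing is changed yet: a cookie is sent to new_locator instead."""
        cookie = secrets.token_hex(16)
        self.pending[cookie] = (scope, key, new_locator)
        self.net.send(new_locator, ("challenge", cookie))

    def receive_echo(self, cookie):
        """Apply the rebinding only if the echoed cookie matches a pending one."""
        entry = self.pending.pop(cookie, None)
        if entry is None:
            return False
        scope, key, new_locator = entry
        if scope == "connection":
            self.conn_locator[key] = new_locator
        else:
            self.identity_locator[key] = new_locator
        return True


def echo_challenges(node, endpoint):
    """The node that really owns the challenged locator echoes every cookie it got."""
    results = []
    while node.inbox:
        kind, cookie = node.inbox.pop(0)
        if kind == "challenge":
            results.append(endpoint.receive_echo(cookie))
    return results


def scenario():
    net = Network()
    victim = Endpoint("victim", net)
    peer = Node("peer")
    net.attach(peer, "peer-loc-1")
    net.attach(peer, "peer-loc-2")
    net.attach(Node("offpath"), "other-loc")
    victim.identity_locator["peer-id"] = "peer-loc-1"
    victim.open_connection("c1", "peer-id")
    victim.open_connection("c2", "peer-id")

    # 1. A party that does not own peer-loc-2 claims the peer moved there: the
    #    cookie goes to peer-loc-2, so it can only guess, and the guess fails.
    victim.request_rebind("identity", "peer-id", "peer-loc-2")
    guessed_accepted = victim.receive_echo(secrets.token_hex(16))
    victim.pending.clear()  # the unanswered challenge times out
    peer.inbox.clear()      # the real peer ignores a challenge for a move it never asked for

    # 2. Transport-layer design: the peer moves connection c1 only.
    victim.request_rebind("connection", "c1", "peer-loc-2")
    conn_rebind = echo_challenges(peer, victim)
    after_conn = (victim.resolve("c1", "transport"), victim.resolve("c2", "transport"))

    # 3. IP-layer design: one accepted rebinding of the identity moves c1, c2
    #    and every connection opened afterwards (c3) at once.
    victim.request_rebind("identity", "peer-id", "peer-loc-2")
    id_rebind = echo_challenges(peer, victim)
    victim.open_connection("c3", "peer-id")
    after_id = tuple(victim.resolve(c, "ip") for c in ("c1", "c2", "c3"))

    return {"guessed_cookie_accepted": guessed_accepted, "conn_rebind": conn_rebind,
            "after_conn": after_conn, "id_rebind": id_rebind, "after_id": after_id}


if __name__ == "__main__":
    for k, v in scenario().items():
        print(k, v)
```

The same cookie check protects both tables, which is the point of the message: the check establishes that whoever asked for the move can receive at the new locator, nothing more. Under the per-connection design an accepted move touches one connection; under the identity design it silently follows every application's connection to that peer, including ones opened later, so the damage from a single accepted bad rebinding is of a different order even though the check is identical.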