[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: simple security

To: "Dunn, Jeffrey H." <jdunn@mitre.org>
Subject: Re: simple security
From: Mark Townsley <townsley@cisco.com>
Date: Wed, 24 Mar 2010 12:26:16 +0100
Cc: Lee Howard <lee@asgard.org>, "v6ops@ops.ietf.org" <v6ops@ops.ietf.org>
In-reply-to: <3C6F21684E7C954193E6C7C4573B762703A8F5CAD1@IMCMBX1.MITRE.ORG>
References: <001501caca91$769511b0$63bf3510$@org> <3C6F21684E7C954193E6C7C4573B762703A8F5CAD1@IMCMBX1.MITRE.ORG>
User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3

On 3/23/10 3:39 PM, Dunn, Jeffrey H. wrote:

Lee,
I agree. To amplify on your position, I offer the following. Manyjurisdictions have draconian statues defining illicit Internetactivity, e.g., child pornography, and associated stringent penalties,e.g., lengthy incarceration. If there is a perception that the use ofIPv6 unique globally routable unicast addresses (UGA) increases aconsumer’s risk of inadvertently violating one of the statute becausea compromise of their home systems or network, adoption of IPv6 byconsumers will be minimal.

Someone would have to create the perception that UGA == increased threatof hosting child pornography.

In addition, applying simple security controls such as leastfunctionality is both sound and responsible. Specifically, if homenetworks are not supporting servers, e.g., web sites, then there is noneed to allows sessions associated with servers to be initiated byInternet hosts.

The idea that the simple-security mechanism denies willing or protectsunwilling users from hosting pornography would not be grounded intechnical reality.


The IETF should not for a second help create this incorrect perception.

- Mark

PS. We have a SHOULD in the simple-security document for implementationof a protocol that allows a host to open a pinhole in the firewall ondemand. If that comes into existence, running a web server is as readilypossible with the firewall as without.

Best Regards,

Jeffrey Dunn
Info Systems Eng., Lead
MITRE Corporation.

(301) 448-6965 (mobile)
*From:* owner-v6ops@ops.ietf.org [mailto:owner-v6ops@ops.ietf.org] *OnBehalf Of *Lee Howard
*Sent:* Tuesday, March 23, 2010 10:02 AM
*To:* v6ops@ops.ietf.org
*Subject:* simple security
The simple-security draft represents the best practice we know of forsecuring home networks. It describes the behavior that should be thedefault for all home networking gateways. Advanced users who know whatthey're getting into can change those default rules.
Some people argued that a stateful firewall is no longer neededbecause attackers no longer use vectors that a firewall protectsagainst. This sounds like circular reasoning to me, as if you nolonger need a roof because rain hasn't fallen on your head for years.
It was also argued that attacks of this kind simply don't exist inIPv6. That sounds like the argument that faults in the space shuttleo-ring haven't caused explosions before, so it's safe. I'll also pointout that OSes with smaller market share have fewer exploits writtenfor them because they are a smaller target; as IPv6 exceeds 50%, therewill be more attacks.
I disagreed at the mike with the argument that ISPs should be doingthis kind of filtering themselves. I'd like to understand thatargument better. If ISPs should be providing stateful firewallservice, then doesn't that support the need for a draft documentingwhat ISPs should do?
Yes, hosts should provide better security for themselves. In someregions, users install three or four security packages on theircomputers, but even their almost 50% of machines are infected.Blocking the easiest paths to exploits using perimeter security iscurrent best practice, and should be documented as such.
Lee

References:
- simple security
  - From: "Lee Howard" <lee@asgard.org>
- RE: simple security
  - From: "Dunn, Jeffrey H." <jdunn@mitre.org>

Prev by Date: Re: simple security
Next by Date: Re: simple security
Previous by thread: RE: simple security
Next by thread: Re: simple security
Index(es):
- Date
- Thread