IETF Logo Mail Archive

[MMUSIC] ICE Issue #10: ICE hammer

Jonathan Rosenberg <jdrosen@cisco.com> Tue, 12 September 2006 15:23 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GNA6L-0006sT-3F; Tue, 12 Sep 2006 11:23:05 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GNA6J-0006op-Iv for mmusic@ietf.org; Tue, 12 Sep 2006 11:23:03 -0400
Received: from rtp-iport-1.cisco.com ([64.102.122.148]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GNA6H-0000P4-3G for mmusic@ietf.org; Tue, 12 Sep 2006 11:23:03 -0400
Received: from rtp-dkim-1.cisco.com ([64.102.121.158]) by rtp-iport-1.cisco.com with ESMTP; 12 Sep 2006 08:23:01 -0700
X-IronPort-AV: i="4.09,155,1157353200"; d="scan'208"; a="41243478:sNHT33016984"
Received: from rtp-core-2.cisco.com (rtp-core-2.cisco.com [64.102.124.13]) by rtp-dkim-1.cisco.com (8.12.11.20060308/8.12.11) with ESMTP id k8CFN0GZ026196 for <mmusic@ietf.org>; Tue, 12 Sep 2006 11:23:00 -0400
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by rtp-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id k8CFN0uI003427 for <mmusic@ietf.org>; Tue, 12 Sep 2006 11:23:00 -0400 (EDT)
Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 12 Sep 2006 11:23:00 -0400
Received: from [161.44.55.64] ([161.44.55.64]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 12 Sep 2006 11:23:00 -0400
Message-ID: <4506D0D4.1050403@cisco.com>
Date: Tue, 12 Sep 2006 11:23:00 -0400
From: Jonathan Rosenberg <jdrosen@cisco.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: IETF MMUSIC WG <mmusic@ietf.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 12 Sep 2006 15:23:00.0273 (UTC) FILETIME=[550CCA10:01C6D67F]
DKIM-Signature: a=rsa-sha1; q=dns; l=1716; t=1158074580; x=1158938580; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jdrosen@cisco.com; z=From:Jonathan=20Rosenberg=20<jdrosen@cisco.com> |Subject:ICE=20Issue=20#10=3A=20ICE=20hammer |To:IETF=20MMUSIC=20WG=20<mmusic@ietf.org>; X=v=3Dcisco.com=3B=20h=3D7WNf50QDovZde9eqCNA3kbEQN2w=3D; b=c12dz/UjMQpin2vzIXfqONwBmKG0rjSmELtRj/L+ihCvZW7sYdG1oevIHEzFYSBTFgGrZRT4 5KdcHIjDnEsEiOFAFGx6Q9vcJEwNzB2aqtejSjlmuXRIp5gmfzfNkx+A;
Authentication-Results: rtp-dkim-1.cisco.com; header.From=jdrosen@cisco.com; dkim=pass ( sig from cisco.com verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17
Subject: [MMUSIC] ICE Issue #10: ICE hammer
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
Errors-To: mmusic-bounces@ietf.org

The ICE spec talks about the voice hammer attack. This is a particularly 
devastating attack, where an attacker sends an INVITE, and places the 
IP/port of a target in the m/c-line. THe answerer, if its an automata 
(like a voicemail server) will answer and send media to the target.

ICE prevents this attack, by making sure you don't send media until a 
check succeeds. However, the checks themselves are sent out at a pace of 
one every 50ms. This opens another attack, whereby an attacker can send 
a SIP INVITE with lots of candidate lines, each of which points to the 
same host or network, with the objective of flooding that network.

This may not be much better than the voice hammer itself, except that 
its fairly limited in duration. THis is especially true if we allow 
checks to get paced faster, on par with the media stream itself.

So, it would be good to try and do something to reduce the impact of the 
ICE checks themselves. Some possibilities:

1. limit the number of candidates permitted for any media stream
2. limit the number of candidates with the same IP address for any media 
stream (this would protect a host but not a network)
3. slow down the pacing of new ICE checks if the previous doesn't 
succeed (will impact call setup times)

I like (2). Option (1) will require us to pick the number. I'm not that 
fond of (3).

-Jonathan R.
-- 
Jonathan D. Rosenberg, Ph.D.                   600 Lanidex Plaza
Cisco Fellow                                   Parsippany, NJ 07054-2711
Cisco Systems
jdrosen@cisco.com                              FAX:   (973) 952-5050
http://www.jdrosen.net                         PHONE: (973) 952-5000
http://www.cisco.com

_______________________________________________
mmusic mailing list
mmusic@ietf.org
https://www1.ietf.org/mailman/listinfo/mmusic

v2.23.0 | Report a Bug | By Email