Re: [rddp] Terminate message a security threat?
At 06:12 AM 1/4/2005, Jim Pinkerton wrote:
To date the security ID doesn't discuss the Terminate Message. It was
suggested to me by Mallikarjun as part of his detailed review that since
all other messages are discussed, shouldn't Terminate be?
In thinking this through, I don't believe this represents any new
attacks. If the Remote Peer is sending you a Terminate Message, then that
½ of the Stream is terminated. So he just clobbered himself, but hasn't
been able to affect any other connections - thus this is not a security
issue. If a third party is able to inject a Terminate Message into the
data stream, then it is a spoofing attack. The spoofing attack and
mitigations are already discussed. So I think at best the Terminate
Message could be added as an example of a spoofing attack, but honestly
there are a ton of things the spoofer could do, so I'm not sure I'd
revise the draft just to add another example.
Does anyone see a hole in my reasoning?
I do not see this as a security threat - at best, just another example of
existing issues that should be examined in any robust design.
Mike
Jim
_______________________________________________
rddp mailing list
rddp at ietf.org
https://www1.ietf.org/mailman/listinfo/rddp