mobike-1----Page:26
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
|
Issue # 15 -- What kind of tests? A regular DPD-like exchange Legitimate, but compromised peer can predict request and respond even if not at that address DPD-like exchange + cookie Does not have the above problem Authentication of addresses Can detected an en-route modification of an address (= NAT or attacker) Already decided: Use cookies (and NAT-T payloads to detect NATs) |