[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: threats ID

To: mbagnulo@ing.uc3m.es
Subject: Re: threats ID
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Date: Tue, 20 Jan 2004 21:56:08 +0900
Cc: Brian E Carpenter <brc@zurich.ibm.com>, Multi6 List <multi6@ops.ietf.org>
In-reply-to: <LIEEJBCNFDJHFFKJJDPAEEDGDJAA.mbagnulo@ing.uc3m.es>
References: <LIEEJBCNFDJHFFKJJDPAEEDGDJAA.mbagnulo@ing.uc3m.es>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)

Marcelo;

please consider the differences between performing a hijack attack on MIP
(layer 3 solution) or performing a hijack attack on SCTP (transport layer
solution)


Sure. While MIP has its own security threat, it has nothing to do
with M6.

As I repeatedly point it out, there is no reasonable timeout value
shared between MIP and M6 that there is no point mixing MIP binding
and M6 connection.

MIP timeout is determined by expected size of cell divided by
expected movement speed of hosts, while M6 timeout is determined
by transport and application protcols.

in the first case the complete end node is hijacked (that is its IP address
that is its identifier) and in the second case only a given connection is
hijacked


In the first case, what is hijacked is binding between home and care
of addresses, which is not a connection. You can still call it a
connection, but its meaning is totally different from connection
of TCP or SCTP.

threats are different and security required is different

( i am really tring to agree with your draft here :-)

Thanks.

Masataka Ohta

Follow-Ups:
- RE: threats ID
  - From: "marcelo bagnulo" <mbagnulo@ing.uc3m.es>

References:
- RE: threats ID
  - From: "marcelo bagnulo" <mbagnulo@ing.uc3m.es>

Prev by Date: Re: threats ID
Next by Date: RE: threats ID
Previous by thread: Re: threats ID
Next by thread: RE: threats ID
Index(es):
- Date
- Thread