[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Time shifitng/future redirection attacks (was RE: Identifiers

To: mbagnulo@ing.uc3m.es
Subject: Re: Time shifitng/future redirection attacks (was RE: Identifiers
From: Jari Arkko <jari.arkko@piuha.net>
Date: Mon, 29 Mar 2004 12:27:44 +0300
Cc: Multi6 List <multi6@ops.ietf.org>
In-reply-to: <LIEEJBCNFDJHFFKJJDPAAEHHDOAA.mbagnulo@ing.uc3m.es>
Organization: None
References: <LIEEJBCNFDJHFFKJJDPAAEHHDOAA.mbagnulo@ing.uc3m.es>
Reply-to: jari.arkko@piuha.net
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007


In my opinion, we need to worry about the time shifting
and future redirection attacks. We also need to worry
about denial-of-service through "hijacking" some of the
used identifiers in some permanent fashion (e.g. leap of
faith after just one return routability test at the beginning
of time) and preventing the legitimate nodes from establishing
their sessions using their identifiers after the hijack has
occurred.

--Jari

References:
- Time shifitng/future redirection attacks (was RE: Identifiers
  - From: "marcelo bagnulo" <mbagnulo@ing.uc3m.es>

Prev by Date: Re: Time shifitng/future redirection attacks (was RE: Identifiers
Next by Date: RE: Time shifitng/future redirection attacks (was RE: Identifiers
Previous by thread: Re: Time shifitng/future redirection attacks (was RE: Identifiers
Next by thread: Time shifitng/future redirection attacks
Index(es):
- Date
- Thread