RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?



On Thu, 31 Jul 2003, James Carlson wrote:

> George Jones writes:
> > Sorry....I guess I should have been more clear...the goal IS to
> > make the core invisible beyond the edge.
>
> I'm not sure I understand the point of this[1],

There may be no point unless someone wants to work on it.

> [1] It's not just to hide the IP addresses, is it?  That'd just be
>     security-by-obscurity.  I don't think that treating IP addresses
>     as secrets is a viable plan.

No.  The point is to explore ways of making it impossible for anyone
beyond the edge of a network to address packets to any of the
interfaces of the core routers and have them successfully routed
there.  If you can't get packets there you can't attempt a DoS, you
can't attempt management functions, etc.

> but please do consider
> the effect of such a plan on path MTU discovery.  The ICMP messages
> from within the core do need to make it out to the sender in _some_
> form.

Right.   That's one more problem.

The point is, if this is doable, it would be a huge win in lowering
the exposure of the core of large networks (by giving them essentially
zero exposed surface area to attack[2])....but it's got a number of
sticky issues, some already identified on this list, that make it
hard/require fundamental changes....hence my suggestion that it
move somewhere else (like the IRTF) for exploration.   It's beyond
the current scope of opsec (more on that later).

Anyone up for identifying the issues?

Thanks,
---George Jones

[2] Chris Lonvick: try throwing CDs at that !