[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: vulnerability of being attacked//RE: [RRG] Re: Should the identifier be used as local locator
Hi Xiaohu,
|I wonder whether the routing on flat identifier(irrelevant to
|location)will become a vulnerability to being attacked by
|random destination identifier scan, since the last hop router
|doesn't know the exact range of the identifiers in its local
|scale. Take the unlimited range of the flat identifier into
|consideration, the vulnerability will become even worse than
|that of current ARP(for one subnet,there is a limit on the
|range of ARP resolution).
It would seem that this attack would actually be better than it is today.
The last hop router would learn identifiers via ND (or something similar,
ala ES-IS) and have a full table of hosts on the attached subnet. Then,
when a random packet arrives, it performs a lookup and that fails, so it
drops the packet.
Contrast this to the attacks today, where the last hop router instead
actually puts a broadcast ARP request onto the wire, sucking cycles from all
systems on that subnet. ;-(
Tony
--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg