[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 6to4 security questions
Pekka Savola wrote:
Hi Pekka,
Thank you for the presentation today, it was too bad we didn't have more
time to discuss it.
The most important part (how to go forward) got cut-off at the meeting, so
I'm hoping to be able to hear some thoughts on the 6to4 security issues.
* The most important thing:
==> document the existing problems and declare done or try to invent
bigger fixes for the problems?
Documenting the problems is the first step (which your draft mostly
does) and I believe these should remain in their own draft. The larger,
relay router related, problems I do not believe can or should be solved
by this draft. This draft should present the security concerns, the
possible attacks and any known ways to protect a 6to4 site. I also
believe there needs text that speaks to the usefulness of a 6to4 relay
router. It should be made clear that a site should just block all
traffic to/from relay routers if that site does not have a compelling
reason to connect to the (Native) IPv6 Internet. 6to4 works great for
connecting isolated clouds, but we can all see how connecting to the
IPv6 Internet using 6to4 relay routers is flawed and dangerous.
* Draft has two parts
- relay spoofing troubles
- 6to4 usage analysis, guidelines for sec considerations
implementation etc.
==> keep these separate or not? (the second are IMO ready)
Keep it in one draft. Any "solutions" for the relay router problems
should be brought up in another draft.
* Is the relay problem (spoofing from 2001::/16) something we need to
worry about?
- after all, you probably can spoof the source addresses without 6to4
too..
==> if yes, how much effort should we put into it?
This is a very serious problem which can make 6to4 hosts into pawns for
a DDoS attack. It needs mentioning, but we might just have to accept
that it is very difficult to prevent for the average case. Certainly
6to4 relay routers as an entity are not evil, only the potential abuse.
With proper considerations and limited usage, relay routers can be used
safely. A few people during the meeting mentioned using IPSec or some
sort of three way handshake. These approaches will not work for the
average case, but can work for specific deployments of 6to4.
thanks,
-Jason
* Should we analyze the DoS attacks (abusing relays) whether anything can
be done against those in more detail?
- already in the draft, maybe more