[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mech-v2: decapsulation check updates

To: Jun-ichiro itojun Hagino <itojun@itojun.org>
Subject: Re: mech-v2: decapsulation check updates
From: Gert Doering <gert@space.net>
Date: Fri, 6 Feb 2004 23:43:27 +0100
Cc: gert@space.net, nwnetworks@dial.pipex.com, pekkas@netcore.fi, v6ops@ops.ietf.org
In-reply-to: <20040206221235.EAAA1103@coconut.itojun.org>
References: <20040206102913.GT8040@Space.Net> <20040206221235.EAAA1103@coconut.itojun.org>
User-agent: Mutt/1.4.1i

Hi,

On Sat, Feb 07, 2004 at 07:12:35AM +0900, Jun-ichiro itojun Hagino wrote:
> > On Thu, Feb 05, 2004 at 03:22:57PM -0000, Tom Petch wrote:
> > > A thought.  The day before you sent this, I heard an interesting
> > > presentation at RIPE-47 on tunnel discovery which used  host to router
> > > tunnels to find out how many tunnels
[..]
> > I've been there as well, and spent some time discussing this with the
> > author.
> 
> 	do you know why the author recommeded GRE?  there's no real difference
> 	between RFC2893 tunnel and GRE with respect to address spoofs and stuff,
> 	as far as i understand.

If I understood him correctly, because GRE can do sequence numbering and
keying.  So you need more information to successfully spoof that.

Gert Doering
        -- NetMaster
-- 
Total number of prefixes smaller than registry allocations:  58081  (57882)

SpaceNet AG                 Mail: netmaster@Space.Net
Joseph-Dollinger-Bogen 14   Tel : +49-89-32356-0
80807 Muenchen              Fax : +49-89-32356-299

References:
- Re: mech-v2: decapsulation check updates
  - From: Gert Doering <gert@space.net>
- Re: mech-v2: decapsulation check updates
  - From: itojun@itojun.org (Jun-ichiro itojun Hagino)

Prev by Date: Re: mech-v2: decapsulation check updates
Next by Date: [no subject]
Previous by thread: Re: mech-v2: decapsulation check updates
Next by thread: mech-v2: rewritten security text
Index(es):
- Date
- Thread