[e2e] Security implications blurring the name/address distinction

Joe Touch touch at ISI.EDU
Wed Feb 16 08:26:09 PST 2005



David P. Reed wrote:
> Joe -
> 
> the classic security community definition of denial of service includes 
> TCP RST and PMTU attacks.   Neither exposes the content of a message or 
> corrupts the content of message - they merely interfere with reliability 
> of delivery.
> 
> You may want to subdivide "denial of service" into subcategories.   But 
> ultimately, those attacks deny service.   And that's my point.
> 
> There is nothing in the classification of security risks that says 
> "denial of service" is protocol-independent.

There's a big difference between attacks that overwhelm resources and 
ones that kill connections or drop packets.

In my reading of the security community work, DOS tends to focus on the 
resource-starvation - by adding new connections, by overwhelming 
forwarding or security processing, by consuming buffers.

The service is denied because of OTHER THINGS going on. They're indirect 
attacks on particular connections.

TCP RST and PMTU are direct attacks.

Joe