[e2e] It's all my fault
Damien Miller
djm at mindrot.org
Tue May 15 18:33:29 PDT 2007
On Tue, 15 May 2007, David P. Reed wrote:
> Damien Miller wrote:
> > On Mon, 14 May 2007, David P. Reed wrote:
> >
> > http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
> >
> > It is a simple consequence of the fact that you can stuff over 40 address
> > pairs into a RH0, and each pair causes a round trip.
> >
> A round trip is a security hole? Is every packet I send 1/80th of an attack?
Are you being facetious or did you not read the presentation? An 80x
traffic amplification on each packet yields a wonderful denial of
service. The paper demonstrates an attacker keeping hosts/gateways
occupied for *30 seconds* with a single packet. Do you regard this as a
desirable behaviour?
> If so, if I send 80 packets without RH0, then that is equally bad!
To the victim there is no difference. However the cost to the attacker is
80x higher.
> The issue here is that the network making a judgement about what
> packets should and should not be delivered as requested requires that
> the network be omniscient. If it were, it might as well figure out
> which packets I will send, send them, and then I need not bother to
> write the code to send them in the first place!
I'm not sure that I parse this, or what relevance it has. The networks that
I use daily are neither omniscient nor support source routing and they seem
to function just fine.
> Do time-sharing systems refuse to run code that implements sorting using a
> bubble sort?
Bad analogy, an inefficient algorithm doesn't (shouldn't) waste others'
timeslots.
-d
More information about the end2end-interest
mailing list