
Re: Bellovin's and Ahar's attacks



> >  4. When receiving a UDP message, examine the time stamp, discard any message
> >     that is too old (e.g., more than twice the network latency).
                         ^^^^
Derek, it is only meant to be an example. And I agree with you. Using
some other measure like the minimum time a port number will be held
is a better way.

Regards, Pau-Chen

>
> How can you make an arbitrary decision like this?  What happens if
> there is a network burp on the nice fiber I use, and my packet gets
> routed across a satellite link instead?  Are you proposing that my
> packet be ignored because it took an alternate route?
>
> I thought that alternate routing was one of the features of TCP/IP,
> and you're proposing we throw that away?  I would hope not.
>
> Perhaps instead of using network latency, you use some other measure
> to time out a packet.  You could use some arbitrary time measurement
> like 5 minutes, or you could use some other method.  But just using
> the network latency, which can be very dynamic over congested or
> long-distance paths, is probably a sub-optimal solution.
>
> -derek
>
>          Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
>        Member, MIT Student Information Processing Board (SIPB)
>     Home page: http://www.mit.edu:8001/people/warlord/home_page.html
>        warlord@MIT.EDU    PP-ASEL     N1NWH    PGP key available
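
Added example, not part of the original thread: a timestamp freshness check run with a latency-derived window and with a fixed window, showing why the longer window has to be paired with a replay cache. The 5-minute figure comes from Derek's message; the class and function names, the nonce field, and the 20 ms / 600 ms delays are constructed assumptions.

```python
class FreshnessFilter:
    """Accept a datagram only if its timestamp is inside the window
    and the (sender, nonce) pair has not been seen inside that window.
    Hypothetical helper for illustration, not from any protocol draft."""

    def __init__(self, max_age):
        self.max_age = max_age          # seconds a timestamp stays valid
        self.seen = {}                  # (sender, nonce) -> sent_at

    def accept(self, sender, nonce, sent_at, now):
        # Forget entries whose timestamps have left the window; a replay of
        # those is rejected by the age check alone, so the cache stays bounded.
        self.seen = {k: t for k, t in self.seen.items()
                     if now - t <= self.max_age}
        if abs(now - sent_at) > self.max_age:
            return "stale"
        if (sender, nonce) in self.seen:
            return "replay"
        self.seen[(sender, nonce)] = sent_at
        return "ok"


def run(max_age):
    """Feed the same constructed traffic through a filter with the given window."""
    f = FreshnessFilter(max_age)
    return [
        # normal packet over the fiber path: 20 ms in flight
        f.accept("alice", 1, sent_at=0.0, now=0.02),
        # legitimate packet rerouted over a satellite link: 600 ms in flight
        f.accept("alice", 2, sent_at=1.0, now=1.6),
        # captured copy of the first packet, re-sent 10 s later
        f.accept("alice", 1, sent_at=0.0, now=10.0),
        # the same copy re-sent after the 5-minute window has passed
        f.accept("alice", 1, sent_at=0.0, now=400.0),
    ]


FIBER_LATENCY = 0.02                          # constructed value
latency_window = run(2 * FIBER_LATENCY)       # "twice the network latency"
fixed_window = run(5 * 60)                    # "some arbitrary time ... like 5 minutes"

if __name__ == "__main__":
    print("2x latency:", latency_window)
    print("5 minutes :", fixed_window)
```

The latency-derived window drops the rerouted packet; the fixed window accepts it and relies on the cache to catch the copy re-sent while the timestamp is still valid.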