Re: Bellovin's and Ahar's attacks
- To: Derek Atkins <warlord@MIT.EDU>
- Subject: Re: Bellovin's and Ahar's attacks
- From: pau@watson.ibm.com (Pau-Chen Cheng)
- Date: Thu, 13 Apr 95 10:06:43 -0500
- Cc: ipsec@ans.net
- In-Reply-To: (Your message of Wed, 12 Apr 95 18:54:57 EDT.) <9504122255.AA11682@josquin.media.mit.edu>
> > 4. When receiving a UDP message, examine the time stamp, discard any message
> > that is too old (e.g., more than twice the network latency).
                     ^^^^
Derek, it is only meant to be an example. And I agree with you. Using
some other measure like the minimum time a port number will be held
is a better way.
Regards, Pau-Chen
>
> How can you make an arbitrary decision like this? What happens if
> there is a network burp on the nice fiber I use, and my packet gets
> routed across a satellite link instead? Are you proposing that my
> packet be ignored because it took an alternate route?
>
> I thought that alternate routing was one of the features of TCP/IP,
> and you're proposing we throw that away? I would hope not.
>
> Perhaps instead of using network latency, you use some other measure
> to time out a packet. You could use some arbitrary time measurement
> like 5 minutes, or you could use some other method. But just using
> the network latency, which can be very dynamic over congested or
> long-distance paths, is probably a sub-optimal solution.
>
> -derek
>
> Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
> Member, MIT Student Information Processing Board (SIPB)
> Home page: http://www.mit.edu:8001/people/warlord/home_page.html
> warlord@MIT.EDU PP-ASEL N1NWH PGP key available