[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CRACK

To: Yael Dayan <yael@radguard.com>
Subject: Re: CRACK
From: Kanta Matsuura <kanta@hideki.iis.u-tokyo.ac.jp>
Date: Mon, 25 Oct 1999 17:32:00 +0900
Cc: Dan Harkins <dharkins@network-alchemy.com>, ipsec@lists.tislabs.com
In-Reply-To: <38108704.ACB4B8FF@radguard.com>
Sender: owner-ipsec@lists.tislabs.com

Yael,
Please consult with
http://www.ietf.org/internet-drafts/draft-matsuura-sign-mode-01.txt
about a modified authentication mode more resistant against the DoS
you mentioned.
Any comments are welcome.
Thanks,

Yael Dayan <yael@radguard.com> wrote:
>>Dan,
>>I think there is some wording missing in the security considerations
>>section.
>>I am referring to vulnerabilities to denial of service attacks.
>>The gateway is required to answer with KE and SIG prior to any knowledge
>>of who the initiator is.  (The SIG cannot be prepared ahead of time.).
>>An attacker only needs to know the gateway's address  to launch an attack
>>that requires very little effort on his behalf.
>>
>>Yael

--^^--
Kanta

References:

Re: CRACK

From: Yael Dayan <yael@radguard.com>

Prev by Date: comments on ip sec
Next by Date: I-D ACTION:draft-ietf-ipsec-ike-monitor-mib-00.txt
Prev by thread: Re: CRACK
Next by thread: Re: CRACK
Index(es):
- Main
- Thread