[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Heartbeats (was RE: keepalives)
Ricky Charlet wrote:
> * Unsecured heartbeats in the clear leave you open to DOS attack as
> anybody can spoof you into thinking that your peer is no-responsive.
You don't need spoof heartbeats to make peer "into thinking that your peer is
no-responsive".
Just spoof any IKE or IPSec traffic. Heartbeats do not increase vulnerability for
such attack.
--
Bronislav Kavsan
IRE Secure Solutions, Inc.
100 Conifer Hill Drive Suite 513
Danvers, MA 01923
voice: 978-539-4816
http://www.ire.com
References: