[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Future ISAKMP Denial of Service Vulnerablity Needs Addressing
"Mr. Anderson" wrote:
>
> >From an engineering perspective, time is the core design
> principle for CPU cycles and RAM; plus timing states and
> other related time/resource issues. Time is the ultimate
> resource.....
>
> Hence, Time is of the essence and we are all in agreement.
>
> To say CPU or RAM is key is to agree, very obviously,
> that time is underlying critical element, the Zen
> of network and computer systems.
>
> It is still not clear what is the way ahead, to insure
> that when IPSEC VPNs are in place, that folks of malicious
> intent will not have a easy target to effect ISAKMP
> UPD 500 (using whatever) to decrease the reliability,
> risk and robustness of IPSEC ISAKMP.
>
> Anyone clearly know the way ahead?
Yes. The way ahead is to consider the capabilities of the
adversary, and to define the requirements as to how good
protection we wish to obtain against an adversary with
the particular capabilities.
Some of the key capabilities the adversary may have are
a) ability to send forged packets, b) ability to receive
responses to former forged packets, c) ability to modify
all packets between Alice and Bob, d) how much of traffic
the adversary can generate and of what type, e) ditributed
attack or not, f) ability to plant a bomb underneath the SGW
and to blow it sky-high.
One of the key requirements is: if the DoS attack has
lowered system capability, what service may fail first?
New connections? Existing connections? Connections from
peers that succeeded in authenticating in the near past?
There's no way to proceed without a requirements specification!
Ari
--
Ari Huttunen phone: +358 9 859 900
Senior Software Engineer fax : +358 9 8599 0452
F-Secure Corporation http://www.F-Secure.com
F-Secure products: Integrated Solutions for Enterprise Security
References: