
Re: application layer cross checking



Take ssh for instance. It guarantees the secure communication
channel. It also passes the userid/username to the other end.
But it does not mean that the sshd on the other end says:
"Oh, Mr XYZ, I believe who you are and the doors are wide
open. Please do come in".

As I said before, even if the OS passes the user information,
the other end NEEDS to challenge that id. Application level
authentication is not the same as AH/ESP authentication
(as it stands).

Ramin

On Thu, May 03, 2001 at 11:55:51AM -0700, Michael Thomas wrote:

> 
> 
> I've had a nagging question for a long time which
> I'm hoping that somebody can shed some light on.
> 
> Suppose I have a Linux box running Freeswan
> talking to a Solaris 8 box. Suppose also that we
> have a way to mutually authenticate each other at
> the IPsec level (pre-shared, certs, whatever).
> Suppose also that this is just a transport mode
> SA. Is there any API which prevents the following
> kind of attack?
> 
> Mike's-box		Server
> ------------------------------
> ----------------------------->
> IKE: DN=mike@mtcc.com
> 
> <-----------------------------
> IKE: DN=server@server.com
> 
> ----------------------------->
> SIP: INVITE 
> From: gwb@whitehouse.gov
> [...]
> 
> <-----------------------------
> 200 OK, George
> 
> 
> I.e., that I can authenticate myself for IPsec, but
> forge my credentials at L7. I would expect that
> there should be an API to get the credentials
> presented for IPsec back up to the app. My
> understanding is that Microsoft doesn't provide
> any kernel API at all, and I didn't immediately
> see anything in PFKEY, though I didn't look hard
> so feel free to flame me.
> 
> If there's not such an API, what was the reason?
> This would seem like a pretty heavy burden to
> recreate all of the identity machinery at the app
> level to cover this attack.
> 
> 	       Mike
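
Added example, not part of the original thread: a server-side check of the kind the reply calls for, refusing an L7 identity that the lower-layer peer is not entitled to assert. It assumes the application can obtain the IKE-authenticated identity by some means (the thread leaves open whether such an API exists), so it is passed in as `channel_id`; the policy table, function names and sample message are hypothetical.

```python
import re

# Hypothetical policy: which L7 identities each channel-authenticated peer may
# assert. An "@domain" entry authorises any user in that domain (trusted proxy).
POLICY = {
    "mike@mtcc.com": {"mike@mtcc.com"},
    "proxy@mtcc.com": {"@mtcc.com"},
}

# Constructed sample: the forged INVITE from the thread, sent over mike's SA.
FORGED = "INVITE sip:server@server.com SIP/2.0\r\nFrom: gwb@whitehouse.gov\r\n\r\n"

_FROM = re.compile(r"^(?:From|f)[ \t]*:[ \t]*(.+?)[ \t]*\r?$", re.I | re.M)
_ADDR = re.compile(r"(?:sips?:)?([^@\s<>;:\"]+)@([^\s<>;:]+)", re.I)


def sip_from_identity(message):
    """Return user@host from the single From header, or None if absent/ambiguous."""
    headers = message.split("\r\n\r\n", 1)[0].split("\n\n", 1)[0]
    values = _FROM.findall(headers)
    if len(values) != 1:  # missing or duplicated From: refuse to guess
        return None
    # Prefer the URI inside <...>; the display name is sender-chosen text.
    bracketed = re.search(r"<([^>]*)>", values[0])
    m = _ADDR.search(bracketed.group(1) if bracketed else values[0])
    if not m:
        return None
    return f"{m.group(1)}@{m.group(2).lower()}"


def check_binding(channel_id, message, policy=POLICY):
    """Accept only if the lower-layer identity is allowed to assert the L7 one."""
    claimed = sip_from_identity(message)
    if claimed is None:
        return False, "no usable From header"
    allowed = policy.get(channel_id, set())  # unknown peers may assert nothing
    domain = "@" + claimed.split("@", 1)[1]
    if claimed in allowed or domain in allowed:
        return True, claimed
    return False, f"{channel_id} may not assert {claimed}"
```
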

