
RE: IPSEC Security Gateways & NAT



Derek,

For aggressive mode, the first message from the responder will have the DH key?

Also, if the initiator's IP address is meaningful (without linking to an auth
method), then it may not be a good idea to let IKE traverse NAPT devices.

Regards,

--- David


-----Original Message-----
From: Derek Atkins [mailto:warlord@MIT.EDU]
Sent: Thursday, June 14, 2001 4:02 PM
To: Chen, David
Cc: 'Dan Harkins'; ipsec@lists.tislabs.com
Subject: Re: IPSEC Security Gateways & NAT


An unreachable IP Address would never get beyond message 2.  DH
doesn't happen at the responder until message 4.  So you are protected
against unreachable addresses.  In other words, no, the IP address is
NOT meaningless.  It means the address is reachable _and_ interested
in an IKE protocol instantiation.

True, we are still subject to DDoS zombies using their own IP Address,
but again, as I said, we now know _who_ is attacking us (because they
are actually responding to message 2 with a valid message 3), and we
can just rate-limit those addresses.

Ok, I'm lying a bit.  What we actually know is that the attacker is
somewhere on the network path between the responder and the IP Address
of the initiator, such that it can read the IKE messages and grab the
responder cookie in order to send message 3.

-derek

"Chen, David" <dchen@ellacoya.com> writes:

> Derek,
> I heard that DDOS can steal someone's computer (with IP address) to 
> perform the attack.
> Also, it could be an unreachable IP address the attacker invented (or
> plotted).
> 
> The IP address seems meaningless, unless
> it is linked to an auth method such as preshared key.
> 
> Regards,
> 
> --- David
> 
> 
> -----Original Message-----
> From: Derek Atkins [mailto:warlord@MIT.EDU]
> Sent: Thursday, June 14, 2001 3:50 PM
> To: Chen, David
> Cc: 'Dan Harkins'; ipsec@lists.tislabs.com
> Subject: Re: IPSEC Security Gateways & NAT
> 
> 
> Well, it's not -random- DoS.  The attacker must at least respond
> to message 2 with message 3 before the responder will do any work.
> This implies that the attacker must make their actual IP address
> known to the attacked party.
> 
> So, you may be forced to execute a DH exponentiation as a responder,
> but you at least know _WHO_ (IP Address) caused you to perform the
> operation.
> 
> -derek
> 
> "Chen, David" <dchen@ellacoya.com> writes:
> 
> > Dan,
> > 
> > Exactly, today's phase 1
> > does DH key number crunching before authenticating the peer.
> > (well, I think it is only intended to check the integrity of the messages,
> > but pre-shared key has more than that: it also authenticates the peer.)
> > 
> > DH key generation costs much more than simple pass-phrase verification.
> > 
> > Random DOS attacks can be reduced if the responder
> > authenticates the peer first (first tier auth) before crunching the DH key.
> > 
> > Regards,
> > 
> > --- David
> > 
> > 
> > 
> > -----Original Message-----
> > From: Dan Harkins [mailto:dharkins@lounge.org]
> > Sent: Thursday, June 14, 2001 2:36 PM
> > To: Chen, David
> > Cc: ipsec@lists.tislabs.com
> > Subject: Re: IPSEC Security Gateways & NAT 
> > 
> > 
> >   No, the DH secret is generated *before* authentication. Re-read the RFC.
> > 
> >   Dan.
> > 
> > On Thu, 14 Jun 2001 12:45:39 EDT you wrote
> > > Dan,
> > > 
> > > Since the phase 1 goal is to authenticate the DH key exchange,
> > > the DH key is generated *after* auth anyway. 
> > > 
> > > However,
> > > the pre-shared key (pass-phrase) authentication costs less (and is
> > > stateless) for the responder to verify than "public key" authentication.
> > > 
> > > Regards,
> > > 
> > > --- David
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available
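A toy model of the main-mode ordering Derek describes above, added here as an example and not part of the original thread. It assumes a stateless responder cookie computed as an HMAC over the source address, port and initiator cookie (one of the constructions RFC 2409 suggests), a tiny 64-bit DH group so it runs instantly, and TEST-NET addresses; all of those, and the message dicts standing in for ISAKMP payloads, are constructed for the example. It shows the four cases argued in the thread: an honest initiator completing messages 1 to 4, a flood from forged unreachable sources that never costs a DH exponentiation, zombies with real addresses that do force DH but are named and rate-limited, and an on-path attacker who reads message 2 in transit and spends the responder's DH in the victim's name.

```python
"""Toy model of the IKEv1 main-mode cookie exchange (RFC 2409).

Constructed for this example: addresses, the tiny DH group and the message
dicts are stand-ins for real ISAKMP payloads; only the ordering matters.
"""
import hashlib
import hmac
import secrets

P = 2**64 - 59  # toy 64-bit prime; a real peer uses a MODP group from RFC 2409/3526
G = 2
MSG1, MSG2, MSG3, MSG4 = 1, 2, 3, 4


class Network:
    """Delivers only to reachable hosts, but records every packet for an on-path observer."""

    def __init__(self, reachable):
        self.reachable = set(reachable)
        self.wire = []

    def send(self, dst_ip, msg):
        self.wire.append((dst_ip, msg))
        return msg if dst_ip in self.reachable else None


class Responder:
    def __init__(self, max_dh_per_src=3):
        self.secret = secrets.token_bytes(32)  # rotated periodically in practice
        self.max_dh_per_src = max_dh_per_src
        self.dh_ops = 0      # expensive exponentiations actually performed
        self.dh_by_src = {}  # ...and which source IP forced each one
        self.shared = {}

    def cookie(self, src, cky_i):
        # Stateless cookie: HMAC over source address/port and the initiator cookie.
        data = f"{src[0]}:{src[1]}:".encode() + cky_i
        return hmac.new(self.secret, data, hashlib.sha256).digest()[:8]

    def handle(self, src, msg):
        if msg["n"] == MSG1:
            # Message 2 commits no memory and no DH: anyone can trigger it, cheaply.
            return {"n": MSG2, "cky_i": msg["cky_i"], "cky_r": self.cookie(src, msg["cky_i"])}
        if msg["n"] == MSG3:
            if not hmac.compare_digest(self.cookie(src, msg["cky_i"]), msg["cky_r"]):
                return None  # guessed or replayed cookie: dropped before any work
            ip = src[0]
            if self.dh_by_src.get(ip, 0) >= self.max_dh_per_src:
                return None  # this address has already cost us enough: rate-limit it
            self.dh_by_src[ip] = self.dh_by_src.get(ip, 0) + 1
            self.dh_ops += 1
            x_r = secrets.randbelow(P - 2) + 1
            self.shared[msg["cky_i"]] = pow(msg["ke"], x_r, P)  # the DH work, now attributable
            return {"n": MSG4, "ke": pow(G, x_r, P)}
        return None


def initiate(net, responder, src):
    """Messages 1-4 from src. Returns (cky_i, x_i, message 4) or None if it stalls."""
    cky_i, x_i = secrets.token_bytes(8), secrets.randbelow(P - 2) + 1
    m2 = net.send(src[0], responder.handle(src, {"n": MSG1, "cky_i": cky_i}))
    if m2 is None:
        return None  # message 2 went to an address that will never see it
    m3 = {"n": MSG3, "cky_i": cky_i, "cky_r": m2["cky_r"], "ke": pow(G, x_i, P)}
    m4 = responder.handle(src, m3)
    return None if m4 is None else (cky_i, x_i, net.send(src[0], m4))


def honest_exchange(ip="198.51.100.7"):
    """One real initiator: exactly one DH on the responder, and both sides agree."""
    net, r = Network([ip]), Responder()
    cky_i, x_i, m4 = initiate(net, r, (ip, 500))
    return r.dh_ops, pow(m4["ke"], x_i, P) == r.shared[cky_i]


def spoofed_flood(n=50):
    """Forged, unreachable sources never get message 2, so the responder does no DH."""
    net, r = Network([]), Responder()
    for i in range(n):
        src = (f"192.0.2.{i}", 500)
        initiate(net, r, src)
        blind = {"n": MSG3, "cky_i": bytes(8), "cky_r": secrets.token_bytes(8), "ke": G}
        r.handle(src, blind)  # blind guess at cky_r, rejected by the HMAC check
    return r.dh_ops


def zombie_flood(zombies=5, attempts=20):
    """Zombies using their real addresses do force DH, but are named and capped."""
    ips = [f"203.0.113.{i}" for i in range(zombies)]
    net, r = Network(ips), Responder(max_dh_per_src=3)
    for ip in ips:
        for _ in range(attempts):
            initiate(net, r, (ip, 500))
    return r.dh_ops, sorted(r.dh_by_src)


def on_path_attacker(victim="198.51.100.9"):
    """Reading message 2 in transit lets an attacker spend DH in the victim's name."""
    net, r = Network([]), Responder()  # the victim itself never answers
    src, cky_i = (victim, 500), secrets.token_bytes(8)
    net.send(victim, r.handle(src, {"n": MSG1, "cky_i": cky_i}))
    _, m2 = net.wire[-1]  # sniffed off the path, never received by the victim
    r.handle(src, {"n": MSG3, "cky_i": cky_i, "cky_r": m2["cky_r"], "ke": G})
    return r.dh_ops, list(r.dh_by_src)
```

The cap in `Responder` is the "just rate-limit those addresses" step: once message 3 has validated, the responder knows which address is spending its exponentiations and can refuse further ones per source. The last scenario is the caveat in the same message: that attribution only names an address on whose path the attacker can read message 2, not necessarily the attacker's own host.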
