[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSEC Security Gateways & NAT

To: "jshukla" <jshukla@earthlink.net>
Subject: Re: IPSEC Security Gateways & NAT
From: Derek Atkins <warlord@mit.edu>
Date: 19 Jun 2001 12:34:35 -0400
Cc: "Chen, David" <dchen@ellacoya.com>, "'Dan Harkins'" <dharkins@lounge.org>, <ipsec@lists.tislabs.com>
In-Reply-To: "jshukla"'s message of "Tue, 19 Jun 2001 09:25:31 -0700"
References: <85D31AAF3DFCD4119C44000102C009707DD77C@mail.ellacoya.com> <004d01c0f85a$82af5e50$e4b02304@ffb5b> <sjmy9qpcl3j.fsf@rcn.ihtfp.org> <003501c0f8dc$8095d310$f6b02304@ffb5b>
Sender: owner-ipsec@lists.tislabs.com

"jshukla" <jshukla@earthlink.net> writes:

> Right! The point is that pre-shared keys based authentication
> can be made more robust against DoS attacks compared to
> the other three authentication methods. In their current form,
> all authencitation methods are susceptible to DoS attacks.

Well, an attacker need not request pre-shared key based
authentication.  Also, this DoS prevention is at the expense
of ID protection.

> regards,
> Jayant

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

References:

RE: IPSEC Security Gateways & NAT

From: "Chen, David" <dchen@ellacoya.com>

Re: IPSEC Security Gateways & NAT

From: "jshukla" <jshukla@earthlink.net>

Re: IPSEC Security Gateways & NAT

From: Derek Atkins <warlord@mit.edu>

Re: IPSEC Security Gateways & NAT

From: "jshukla" <jshukla@earthlink.net>

Prev by Date: Re: IPSEC Security Gateways & NAT
Next by Date: Re: IPSEC Security Gateways & NAT
Prev by thread: Re: IPSEC Security Gateways & NAT
Next by thread: Re: IPSEC Security Gateways & NAT
Index(es):
- Main
- Thread