
RE: suggestion for JFK



> In addition, by not including the IP address in the hash calculation JFK
> opens itself up to a variant of Simpson's "cookie jar" attack.
...
> I will now stop beating this horse since I am the only person who thinks
> it is not dead yet.


I wasn't able to follow this thread in real time, but I think Dan has a good
point. After all, the ability to trace a DoS attack back to its source is
often a more effective countermeasure than an attempt to stop it 'on the
wire'.

This attack is clearly non-intuitive (it took a while for Dan to explain
it), so it is better not to leave it as an implementation detail. (Speaking
as someone who has seen some very poor implementations of the original
Karn-Simpson cookies...)

Andrew
-------------------------------------------
There are no rules, only regulations. Luckily,
history has shown that with time, hard work,
and lots of love, anyone can be a technocrat.
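
The point under discussion, as an added illustration that is not part of this thread or of any JFK implementation: a stateless responder cookie that covers only the nonces verifies no matter which address presents it, while a Karn-Simpson style cookie that also covers the source address and port only verifies from the source it was issued to. The key, nonces, and documentation-range IP addresses below are constructed values.

```python
import hmac
import hashlib

# Constructed responder key; a real responder would rotate this periodically.
RESPONDER_KEY = b"constructed-responder-key-for-illustration-only"


def cookie_unbound(key: bytes, nonce_i: bytes, nonce_r: bytes) -> bytes:
    """Cookie covering only the two nonces (the weak form discussed above).
    Whoever once obtained a valid cookie can present it again from any address."""
    return hmac.new(key, nonce_i + nonce_r, hashlib.sha256).digest()


def cookie_bound(key: bytes, nonce_i: bytes, nonce_r: bytes,
                 src_ip: str, src_port: int) -> bytes:
    """Karn-Simpson style cookie: the HMAC also covers the source address and
    port the request arrived from, so it only verifies from that same source."""
    addr = f"{src_ip}:{src_port}".encode()
    return hmac.new(key, nonce_i + nonce_r + addr, hashlib.sha256).digest()


def responder_accepts(key: bytes, nonce_i: bytes, nonce_r: bytes,
                      src_ip: str, src_port: int, presented: bytes,
                      bind_address: bool) -> bool:
    """Stateless check: recompute the cookie from the incoming packet's fields
    and compare in constant time. Nothing from the first exchange is stored."""
    if bind_address:
        expected = cookie_bound(key, nonce_i, nonce_r, src_ip, src_port)
    else:
        expected = cookie_unbound(key, nonce_i, nonce_r)
    return hmac.compare_digest(expected, presented)


def replay_from_other_address(bind_address: bool) -> bool:
    """True if a cookie issued to 192.0.2.10 is accepted when the same nonces
    and cookie later arrive from 198.51.100.7 (constructed documentation IPs)."""
    nonce_i = bytes.fromhex("0123456789abcdef0123456789abcdef")  # constructed
    nonce_r = bytes.fromhex("fedcba9876543210fedcba9876543210")  # constructed
    if bind_address:
        issued = cookie_bound(RESPONDER_KEY, nonce_i, nonce_r, "192.0.2.10", 500)
    else:
        issued = cookie_unbound(RESPONDER_KEY, nonce_i, nonce_r)
    return responder_accepts(RESPONDER_KEY, nonce_i, nonce_r,
                             "198.51.100.7", 500, issued, bind_address)


if __name__ == "__main__":
    print("unbound cookie accepted from other address:", replay_from_other_address(False))
    print("bound cookie accepted from other address:  ", replay_from_other_address(True))
```

Binding the cookie to the source address is also what lets the responder log a verified source for each completed exchange, which is the traceability Andrew refers to.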



