RE: [beepwg] Re: A couple of features to limit BEEP no reply attack

Francis Brosnan Blazquez <francis@aspl.es> Tue, 24 March 2009 17:35 UTC

Return-Path: <beepwg-bounces@beepcore.org>
X-Original-To: ietfarch-beep-archive@core3.amsl.com
Delivered-To: ietfarch-beep-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 369F83A68C1 for <ietfarch-beep-archive@core3.amsl.com>; Tue, 24 Mar 2009 10:35:27 -0700 (PDT)
X-Quarantine-ID: <c1fLRS0GmWNj>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER, Header field occurs more than once: "Cc" occurs 3 times
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[AWL=0.706, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c1fLRS0GmWNj for <ietfarch-beep-archive@core3.amsl.com>; Tue, 24 Mar 2009 10:35:26 -0700 (PDT)
Received: from hl27.dinaserver.com (hl27.dinaserver.com [82.98.144.26]) by core3.amsl.com (Postfix) with ESMTP id 09D853A6B55 for <beep-archive@lists.ietf.org>; Tue, 24 Mar 2009 10:35:25 -0700 (PDT)
Received: from hl27.dinaserver.com (localhost [127.0.0.1]) by hl27.dinaserver.com (Postfix) with ESMTP id 00E2A7CD6D6; Tue, 24 Mar 2009 18:36:08 +0100 (CET)
X-Original-To: beepwg@beepcore.org
Delivered-To: beepwg-lista@hl27.dinaserver.com
Received: from dolphin.aspl.es (unknown [212.170.183.66]) by hl27.dinaserver.com (Postfix) with ESMTP id E84007CBD20 for <beepwg@beepcore.org>; Tue, 24 Mar 2009 18:35:41 +0100 (CET)
Received: from localhost (localhost [127.0.0.1]) by dolphin.aspl.es (Postfix) with ESMTP id CD7FD740F8; Tue, 24 Mar 2009 18:32:04 +0100 (CET)
X-Virus-Scanned: amavisd-new at dolphin.aspl.es
Received: from dolphin.aspl.es ([127.0.0.1]) by localhost (dolphin.aspl.es [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MVHD5G6PoXhN; Tue, 24 Mar 2009 18:32:00 +0100 (CET)
Received: from [192.168.0.132] (barracuda [10.0.0.4]) by dolphin.aspl.es (Postfix) with ESMTP id EF22C74052; Tue, 24 Mar 2009 18:31:59 +0100 (CET)
Subject: RE: [beepwg] Re: A couple of features to limit BEEP no reply attack
From: Francis Brosnan Blazquez <francis@aspl.es>
To: "Thomson, Martin" <Martin.Thomson@andrew.com>
In-Reply-To: <E51D5B15BFDEFD448F90BDD17D41CFF1058BCB58@AHQEX1.andrew.com>
References: <1236942381.17324.180.camel@vulcan.aspl.local> <9471C896-E007-4745-8A49-885D51B6B130@apple.com> <ffc28d54-b4e6-4eaa-ba21-2d6d9f94a2b8@v38g2000yqb.googlegroups.com> <1237382051.5260.273.camel@vulcan.aspl.local> <E51D5B15BFDEFD448F90BDD17D41CFF1058BCB58@AHQEX1.andrew.com>
Content-Type: text/plain
Organization: Advanced Software Production Line, S.L.
Date: Tue, 24 Mar 2009 18:35:32 +0100
Message-Id: <1237916132.27593.169.camel@vulcan.aspl.local>
Mime-Version: 1.0
X-Mailer: Evolution 2.22.3.1
Content-Transfer-Encoding: 7bit
X-DinaScanner: Libre de Virus, Este E-Mail no ha sido analizado.
X-DinaScanner-SpamCheck: no es spam, SpamAssassin (not cached, puntaje=-2.499, requerido 6, BAYES_00 -2.60, RDNS_NONE 0.10),
cc: Martin Thomson <martin.thomson@gmail.com>
cc: Vortex <vortex@lists.aspl.es>
cc: beepwg@beepcore.org
X-BeenThere: beepwg@beepcore.org
X-Mailman-Version: 2.1
Precedence: list
List-Id: <beepwg.beepcore.org>
List-Help: <mailto:beepwg-request@beepcore.org?subject=help>
List-Post: <mailto:beepwg@beepcore.org>
List-Subscribe: <http://beepcore.org/mailman/listinfo/beepwg>, <mailto:beepwg-request@beepcore.org?subject=subscribe>
List-Unsubscribe: <http://beepcore.org/mailman/listinfo/beepwg>, <mailto:beepwg-request@beepcore.org?subject=unsubscribe>
Sender: beepwg-bounces@beepcore.org
Errors-To: beepwg-bounces@beepcore.org
X-DinaScanner-Information: DinaScanner. Filtro anti-Spam y anti-Virus
X-MailScanner-ID: 00E2A7CD6D6.7CC77
X-DinaScanner-From: beepwg-bounces@beepcore.org

Hi Martin,

> Sorry about the delay in responding...

;-) No problem..

> RTT discovery is performed by every TCP stack.  It's part of working
> out the necessary window size to maximize throughput.  I don't know if
> this information is made available by any TCP stacks, but it isn't
> impossible to measure.  Even above TCP where retransmits could
> interfere its' probably still doable.

Fine. I could place such mention so developers can consider it. However,
as you are guessing, such APIs are missing especially on windows (pretty
much like TCP maximum negotiated segment size).

> I'd still say that the main concern I have is that your interpretation
> of what constitutes a "protocol violation" is too narrow a view.  More
> holistically, a badly behaving peer needs to be treated as such,
> regardless of where the errors occur.  Niceties like proper channel
> and session closure are luxuries - a badly behaving peer does not
> deserve to be treated in such a civilised fashion.

Ok. Just to point reply-limit is to protect a peer from BNRA especially
over channel 0 rather giving especial care to badly behaving peers.

After this initial poll I think there are few interest in reply-limit
feature. I still think this is a remaining issue to solve and, with some
degree, this "silence" confirms close session is not being used at this
moment due to problems it carries, especially in an untrusted/public
environment. No problem, next issue...

..what about "optional-reply"? What's your opinion about it? 

Cheers!

> Cheers,
> Martin
-- 
Francis Brosnan Blazquez <francis@aspl.es>;
Advanced Software Production Line, S.L.