Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00
Kenneth Green <KGreen@ixiacom.com> Thu, 27 October 2011 15:33 UTC
Return-Path: <KGreen@ixiacom.com>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A55321F8B9E for <bmwg@ietfa.amsl.com>; Thu, 27 Oct 2011 08:33:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.098
X-Spam-Level:
X-Spam-Status: No, score=-5.098 tagged_above=-999 required=5 tests=[AWL=-1.500, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7wi6IYVpFEY9 for <bmwg@ietfa.amsl.com>; Thu, 27 Oct 2011 08:33:20 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe003.messaging.microsoft.com [216.32.181.183]) by ietfa.amsl.com (Postfix) with ESMTP id 06EF121F8BA0 for <bmwg@ietf.org>; Thu, 27 Oct 2011 08:33:19 -0700 (PDT)
Received: from mail111-ch1-R.bigfish.com (10.43.68.245) by CH1EHSOBE016.bigfish.com (10.43.70.66) with Microsoft SMTP Server id 14.1.225.22; Thu, 27 Oct 2011 15:33:11 +0000
Received: from mail111-ch1 (localhost.localdomain [127.0.0.1]) by mail111-ch1-R.bigfish.com (Postfix) with ESMTP id CD61E1570385; Thu, 27 Oct 2011 15:33:15 +0000 (UTC)
X-SpamScore: -23
X-BigFish: PS-23(zz9371Kc85fhzz1202hzz1033IL8275bh8275dhz2fh2a8h668h839h)
X-Forefront-Antispam-Report: CIP:157.55.61.13; KIP:(null); UIP:(null); IPVD:NLI; H:CH1PRD0604HT001.namprd06.prod.outlook.com; RD:none; EFVD:NLI
X-FB-SS: 13,
Received-SPF: pass (mail111-ch1: domain of ixiacom.com designates 157.55.61.13 as permitted sender) client-ip=157.55.61.13; envelope-from=KGreen@ixiacom.com; helo=CH1PRD0604HT001.namprd06.prod.outlook.com ; .outlook.com ;
Received: from mail111-ch1 (localhost.localdomain [127.0.0.1]) by mail111-ch1 (MessageSwitch) id 1319729595504257_12234; Thu, 27 Oct 2011 15:33:15 +0000 (UTC)
Received: from CH1EHSMHS008.bigfish.com (snatpool1.int.messaging.microsoft.com [10.43.68.252]) by mail111-ch1.bigfish.com (Postfix) with ESMTP id 6C1CF19B8053; Thu, 27 Oct 2011 15:33:15 +0000 (UTC)
Received: from CH1PRD0604HT001.namprd06.prod.outlook.com (157.55.61.13) by CH1EHSMHS008.bigfish.com (10.43.70.8) with Microsoft SMTP Server (TLS) id 14.1.225.22; Thu, 27 Oct 2011 15:33:17 +0000
Received: from CH1PRD0604MB113.namprd06.prod.outlook.com ([169.254.2.105]) by CH1PRD0604HT001.namprd06.prod.outlook.com ([10.42.111.160]) with mapi id 14.15.0003.000; Thu, 27 Oct 2011 15:33:16 +0000
From: Kenneth Green <KGreen@ixiacom.com>
To: "Jan Novak (janovak)" <janovak@cisco.com>, "bmwg@ietf.org" <bmwg@ietf.org>
Thread-Topic: [bmwg] draft-green-bmwg-seceff-bench-meth-00
Thread-Index: AcySvqGwCJ5Y0rbNQRKjBrQFDORCwQB4GuAgAAdfxQA=
Date: Thu, 27 Oct 2011 15:33:15 +0000
Message-ID: <D9D031B5F8793F4292136C1E841B62FD0216E3@CH1PRD0604MB113.namprd06.prod.outlook.com>
References: <D9D031B5F8793F4292136C1E841B62FD0132CD@CH1PRD0604MB113.namprd06.prod.outlook.com> <C95CC96B171AF24CA1BB6CA3C52D0BA0012BEA6C@XMB-AMS-212.cisco.com>
In-Reply-To: <C95CC96B171AF24CA1BB6CA3C52D0BA0012BEA6C@XMB-AMS-212.cisco.com>
Accept-Language: en-AU, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.27.84.9]
Content-Type: multipart/alternative; boundary="_000_D9D031B5F8793F4292136C1E841B62FD0216E3CH1PRD0604MB113na_"
MIME-Version: 1.0
X-MS-Exchange-CrossPremises-AuthAs: Internal
X-MS-Exchange-CrossPremises-AuthMechanism: 04
X-MS-Exchange-CrossPremises-AuthSource: CH1PRD0604HT001.namprd06.prod.outlook.com
X-MS-Exchange-CrossPremises-SCL: -1
X-MS-Exchange-CrossPremises-messagesource: StoreDriver
X-MS-Exchange-CrossPremises-BCC:
X-MS-Exchange-CrossPremises-processed-by-journaling: Journal Agent
X-MS-Exchange-CrossPremises-ContentConversionOptions: False; 00160000; True; ; iso-8859-1
X-OrganizationHeadersPreserved: CH1PRD0604HT001.namprd06.prod.outlook.com
X-OriginatorOrg: ixiacom.com
Subject: Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/bmwg>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Oct 2011 15:33:22 -0000
Good suggestion Jan, thank you. We will certainly need to flesh out the terminology and indeed, publish an associated terminology draft. An attack is indeed the whole flow/transaction set. Vulnerability/Malware (more terms we will define) attacks are a flow that triggers a vulnerability, exercises an exploit and performs its evil intent. A DDoS attack would be a series of flows within a defined period that together can be seen to be attempting to deny service to legitimate users. An example would be a botnet sending thousands of pings from spoofed IP addresses to the target host. In the case of access to banned sites or application an "attack" is the flow that attempts the access. An example would be an attempt to use Torrent or to play a popular game on Facebook from inside a corporate network. In the case of Data Leakage Prevention (DLP) an "attack" is an attempt to send banned material out of the protected network. An example would be sending an email with an attachment containing customer details. Regards, Kenneth Kenneth Green Solution Architect Ixia From: Jan Novak (janovak) [mailto:janovak@cisco.com] Sent: Thursday, 27 October 2011 11:01 PM To: Kenneth Green; bmwg@ietf.org Subject: RE: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Hi, It sounds intuitive (I am not very familiar with this area), but maybe you should include a definition of an attack - is each Evil Packet equivalent to one attack or is it the whole transaction/flow which represents an attack ?? Jan The climate of Edinburgh is such that the weak succumb young .... and the strong envy them. Dr. Johnson From: bmwg-bounces@ietf.org<mailto:bmwg-bounces@ietf.org> [mailto:bmwg-bounces@ietf.org]<mailto:[mailto:bmwg-bounces@ietf.org]> On Behalf Of Kenneth Green Sent: 25 October 2011 03:53 To: bmwg@ietf.org<mailto:bmwg@ietf.org> Subject: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Hi Team, A new Internet Draft has been posted addressing benchmark testing of Security Effectiveness. http://www.ietf.org/id/draft-green-bmwg-seceff-bench-meth-00.txt We would like to solicit discussion about the concepts described in this draft and look forward to your comments, questions and suggestions. Regards, Kenneth Kenneth Green Solution Architect Ixia
- [bmwg] draft-green-bmwg-seceff-bench-meth-00 Kenneth Green
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Jan Novak (janovak)
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Kenneth Green
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 David Newman
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Kenneth Green
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Dennis Cox
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Al Morton
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Al Morton
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Dennis Cox
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Kenneth Green
- Re: [bmwg] draft-green-bmwg-seceff-bench-meth-00 Kenneth Green