Re: [dnssd] I-D Action: draft-rafiee-dnssd-mdns-threatmodel-03.txt
"Hosnieh Rafiee" <ietf@rozanak.com> Tue, 21 July 2015 18:40 UTC
From: Hosnieh Rafiee <ietf@rozanak.com>
To: 'Douglas Otis' <doug.mtview@gmail.com>
References: <20150530185803.18524.17824.idtracker@ietfa.amsl.com> <814D0BFB77D95844A01CA29B44CBF8A70154C4DA@lhreml504-mbs> <556E6936.1070205@gmail.com>
In-Reply-To: <556E6936.1070205@gmail.com>
Date: Tue, 21 Jul 2015 20:40:14 +0200
Message-ID: <03b001d0c3e4$aefadba0$0cf092e0$@rozanak.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnssd/tGdV_wZ-XpuZXFdPdGQ607hy13g>
Cc: dnssd@ietf.org
Subject: Re: [dnssd] I-D Action: draft-rafiee-dnssd-mdns-threatmodel-03.txt
Hi Douglas,

Sorry, I guess I overlooked this message and just saw it now.

> On 6/1/15 12:18 AM, Hosnieh Rafiee wrote:
> > There's also a htmlized version available at:
> > https://tools.ietf.org/html/draft-rafiee-dnssd-mdns-threatmodel-03
>
> Dear Hosnieh,
>
> This review misses a concern called out in the CERT notice for dnssd at
> https://www.kb.cert.org/vuls/id/550620

Yes, right. I have another type of this attack in
http://tools.ietf.org/html/draft-rafiee-dnssd-mdns-threatmodel-03#section-3.4.1

I will add another subsection under 3.5, which is about privacy issues, with the following text:

  Mixing unicast names and multicast names

  A service might respond to unicast queries that originated from sources outside of the local link network. Such responses may disclose information and harm the privacy of users of that network.

For the DoS part of that I already have a section here:
http://tools.ietf.org/html/draft-rafiee-dnssd-mdns-threatmodel-03#section-3.2

Does it work for you?

> See Section 1 of
> https://tools.ietf.org/html/draft-otis-dnssd-mdns-xlink-06
>
> The threat model also overlooks data leakage beyond a local link and DNS
> amplification concerns resulting from the browse-ability offered by resource
> structures as explained in the introduction and the CERT notice.

That is right that I do not have it as DNS amplification but only under the title DoS attack. I am not sure it is necessary, but I can add a subsection under DoS attack with the following text:

  DNS amplification attack

  Since a service might also respond to unicast queries outside of its local link, an attacker might be able to learn the IP address of this service and send a lot of queries to a unicast DNS with the spoofed source IP address of this service, which results in a DNS amplification attack on the victim service and makes this service unavailable to the service requesters, that is, leads to a DoS attack.

Does it work for you?

> Appendix A gives an example of data leakage exploited in Appendix B.
>
> A mitigation practice to overcome these risks remains unclear unless some
> means is made available to limit results.

Mitigation might be the Response Rate Limit (RRL), as there was discussion in another WG on the unicast DNS server as well as this service. Then after receiving the same request from the same source IP, it just discards the rest of the messages.

Is there anything else that needs to be considered in the document? I am going to add it to the offline of the document and if there are no more comments, I can submit the new version.

Thanks,
Best,
Hosnieh

P.S. That is fine for me to receive two copies of the same message because I might overlook messages where I am not in CC or To. Thanks
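The two defensive checks discussed in this exchange, answering unicast queries only from on-link sources (so service data does not leak beyond the local link) and a per-source response rate limit (RRL) so a spoofed source cannot turn the responder into an amplifier, as an added illustration. This is example code written for this page, not from the draft or any mDNS implementation; the class name, prefixes, thresholds and sample query list are constructed.

```python
import ipaddress
from collections import defaultdict

class ResponderPolicy:
    """Defender-side answer policy for a DNS-SD/mDNS responder.

    Assumed design for illustration (not from the draft):
      1. answer unicast queries only from on-link sources, so service
         data does not leak beyond the local link;
      2. per-source response rate limit (RRL), so a spoofed source
         address cannot be used to amplify traffic toward a victim.
    """

    def __init__(self, local_prefixes, max_responses, window_seconds):
        self.local = [ipaddress.ip_network(p) for p in local_prefixes]
        self.max_responses = max_responses
        self.window = window_seconds
        self.answered = defaultdict(list)  # src -> times of answered queries

    def on_link(self, src):
        addr = ipaddress.ip_address(src)
        return addr.is_link_local or any(addr in net for net in self.local)

    def should_answer(self, src, now):
        """Return (decision, reason) for a unicast query from src at time now."""
        if not self.on_link(src):
            return False, "off-link source"
        recent = [t for t in self.answered[src] if now - t < self.window]
        if len(recent) >= self.max_responses:
            self.answered[src] = recent
            return False, "rate limited"
        recent.append(now)
        self.answered[src] = recent
        return True, "answered"

# Constructed sample traffic: (time, source IP). The burst from 192.168.1.77
# stands in for queries carrying a spoofed on-link victim address.
SAMPLE_QUERIES = [(0.0, "192.168.1.10"), (0.1, "fe80::1"), (0.2, "198.51.100.7")]
SAMPLE_QUERIES += [(0.3 + 0.01 * i, "192.168.1.77") for i in range(20)]

def simulate(queries, policy=None):
    """Run queries through the policy and count each decision reason."""
    policy = policy or ResponderPolicy(["192.168.1.0/24", "fd00::/64"],
                                       max_responses=5, window_seconds=1.0)
    counts = defaultdict(int)
    for now, src in queries:
        counts[policy.should_answer(src, now)[1]] += 1
    return dict(counts)

if __name__ == "__main__":
    print(simulate(SAMPLE_QUERIES))
```

With the sample traffic, the off-link query is refused outright and only the first five of the twenty-query burst are answered; the remaining fifteen are dropped by the rate limit rather than reflected toward the spoofed address.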