Re: [dtn-security] How do you feel about Bonjour/Avahi?

Peter Lovell <plovell@mac.com> Thu, 09 July 2009 04:15 UTC

Received: from asmtpout022.mac.com (asmtpout022.mac.com [17.148.16.97]) by maillists.intel-research.net (8.13.8/8.13.8) with ESMTP id n694FgUn007885 for <dtn-security@maillists.intel-research.net>; Wed, 8 Jul 2009 21:15:42 -0700
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=ISO-8859-1
Received: from [192.168.4.98] (dsl092-149-198.wdc2.dsl.speakeasy.net [66.92.149.198]) by asmtp022.mac.com (Sun Java(tm) System Messaging Server 6.3-8.01 (built Dec 16 2008; 32bit)) with ESMTPSA id <0KMH002YDYFWSK30@asmtp022.mac.com> for dtn-security@maillists.intel-research.net; Wed, 08 Jul 2009 21:14:22 -0700 (PDT)
From: Peter Lovell <plovell@mac.com>
To: "Graham Keellings (Leonix Solutions Pte Ltd)" <Graham@leonixsolutions.com>
Date: Thu, 09 Jul 2009 00:14:17 -0400
Message-id: <20090709041417.302976474@smtp.mac.com>
In-reply-to: <4A556063.2010305@LeonixSolutions.com>
References: <89E48AE60E64EF4E8EB32B0B7EC74920A1B0F5@EVS-EC1-NODE2.surrey.ac.uk> <4A12195A.6000207@LeonixSolutions.com> <"3A5AA67A8B120B48825BFFCF544385613 7E0B06196"@NDJSSCC03.ndc.nasa.gov> <4A1DD73F.50000@bbn.com> <023601c9df2a$694fd5b0$3bef8110$@com> <4A2DF7FD.5020104@LeonixSolutions.com> <3A5AA67A8B120B48825BFFCF5443856137E3553C4B@NDJSSCC03.ndc.nasa.gov> <"029d01c 9e925$1e354880$5a9fd980$"@com> <4A46C257.3040006@LeonixSolutions.com> <"2009062 8050243.1566215671"@smtp.mac.com> <4A46FBB2.3080205@LeonixSolutions.com> <"2009 0628052255.640550503"@smtp.mac.com> <4A470CD7.4010502@LeonixSolutions.com> <"20 090628141313.1532044204"@smtp.mac.com> <4A4878A6.7010707@LeonixSolutions.com> <20090629123400.1726285002@smtp.mac.com> <C304DB494AC0C04C87C6A6E2FF5603DB2217B29183@NDJSSCC01.ndc.nasa.gov> <4A497B04.3070909@LeonixSolutions.com> <20090630122842.1049441707@smtp.mac.com> <4A556063.2010305@LeonixSolutions.com>
X-Mailer: CTM PowerMail version 6.0.2 build 4601 English (intel) <http://www.ctmdev.com>
Cc: dtn-security@maillists.intel-research.net
Subject: Re: [dtn-security] How do you feel about Bonjour/Avahi?
X-BeenThere: dtn-security@maillists.intel-research.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DTN Security Discussion <dtn-security.maillists.intel-research.net>
List-Unsubscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=unsubscribe>
List-Archive: <http://maillists.intel-research.net/pipermail/dtn-security>
List-Post: <mailto:dtn-security@maillists.intel-research.net>
List-Help: <mailto:dtn-security-request@maillists.intel-research.net?subject=help>
List-Subscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=subscribe>
X-List-Received-Date: Thu, 09 Jul 2009 04:15:42 -0000

On Thu, Jul 9, 2009, Graham Keellings (Leonix Solutions Pte Ltd)
<Graham@leonixsolutions.com> wrote:

> From a security standpoint?
>
>How secure is it to have all of my nodes blaring "here I am, bad guys,
>come and try to connect to me"?
>
>Would I be safer just using hard coded IP address?
>
>Thanks in advance for any opinions.
>
>~graham();


Hi Graham,

it depends.

Mostly it depends upon the definition you have in mind for "security".

In typical discussions, security encompasses integrity, confidentiality
and availability. Various organizations will prioritize those differently.

Many commercial transactions will place integrity uppermost, although
those containing sensitive personally-identifying data may have
confidentiality above all. Thinking about a personal stock trade account
as an example - my purchase instruction for a thousand shares of some
company is not very secret but the brokerage really does want to know
that it is accurate and came from me.

If I'm the exclusive retailer for a top-selling low-priced widget, I'll
probably tolerate some fraudulent transactions but I *really* need my
web site to be up all the time, taking orders.

If I'm part of law enforcement, I'll probably value confidentiality most
highly (although the courts may emphasize integrity and chain-of-custody
for evidence).

Bonjour is just a service discovery protocol, not a part of a security
system. And it's localized so that only your neighbours know. It
shouldn't make any difference to integrity or confidentiality as those
should be handled by the defenses you have deployed. At a stretch, it
might make adversaries aware of your system but if they see Bonjour
advertisements then they're close to you already and can see your
network traffic.

Bonjour and static IP addresses are solutions to different problems. An
IP address allows a system to send something to you. Bonjour allows a
nearby system to find you if it doesn't know your address.

If you are sensitive about denial-of-service attacks then I would
suggest strongly that you do not use a hard-coded IP address, but
specify a dns address instead.

Regards.....Peter