Re: [Gen-art] Gen-ART and OPS-Dir review of draft-wkumari-dhc-capport-13

Warren Kumari <warren@kumari.net> Mon, 13 July 2015 15:59 UTC

In-Reply-To: <tsl380sf4et.fsf@mit.edu>
References: <CE03DB3D7B45C245BCA0D2432779493613FF7529@MX104CL02.corp.emc.com> <55A13B30.4070208@bogus.com> <DM2PR0301MB065593620A6E227EB2D5421CA89E0@DM2PR0301MB0655.namprd03.prod.outlook.com> <CAHw9_iLS1BGmUfeUP7fX58QAZ4QmM72ZcTV6hZZwper40bG+=Q@mail.gmail.com> <tsl380sf4et.fsf@mit.edu>
Date: Mon, 13 Jul 2015 17:59:02 +0200
Message-ID: <CAHw9_iJgNmmfx3=OoRXPdYcA37Q9Y5EhZ_TbKp+CRS6xuda8xA@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
To: Sam Hartman <hartmans-ietf@mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/BO2Q1ULv20H-gjCQRoxGOqrBesE>
Cc: "ops-dir@ietf.org" <ops-dir@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "olafur@cloudflare.com" <olafur@cloudflare.com>, "General Area Review Team (gen-art@ietf.org)" <gen-art@ietf.org>, "ebersman-ietf@dragon.net" <ebersman-ietf@dragon.net>, "dhcwg@ietf.org" <dhcwg@ietf.org>, "steve.sheng@icann.org" <steve.sheng@icann.org>, Christian Huitema <huitema@microsoft.com>
Subject: Re: [Gen-art] Gen-ART and OPS-Dir review of draft-wkumari-dhc-capport-13

Okey dokey, I'm happy to add something.

Does anyone have any suggested text?

W

On Monday, July 13, 2015, Sam Hartman <hartmans-ietf@mit.edu> wrote:

> >>>>> "Warren" == Warren Kumari <warren@kumari.net> writes:
>
>     Warren>    On Saturday, July 11, 2015, Christian Huitema
>     Warren> <huitema@microsoft.com>
>     Warren>    wrote:
>
>     Warren>      On Saturday, July 11, 2015 8:50 AM, joel jaeggli wrote
>     >> ...  [5] Section 5:
>     >>
>     >> Fake DHCP servers / fake RAs are currently a security concern -
>     >> this doesn't make them any better or worse.
>     >>
>     >> Please cite a reference for this, preferably with operational
>     >> recommendations on limiting these problems (e.g., ensure that
>     >> DHCP
>     Warren>      and
>     >> RA traffic cannot be injected from outside/beyond the network
>     >> that
>     Warren>      is relevant to the portal).
>
> >      There is definitely an
> > attack vector there. Suppose an attacker can monitor the
> > traffic, say on an unencrypted Wi-Fi hot spot. The attacker
> > can see a DHCP request or INFORM, and race in a fake
> > response with an URL of their own choosing. The mark's
> > computer automatically connects there, and download some
> > zero-day attack.  Bingo!
>
>     Warren>    An attacker with this level of access can already do
>     Warren> this. They fake a DHCP response with themselves as the
>     Warren> gateway and insert a 302 into any http connection. Or, more
>     Warren> likely they simply inject malicious code into some
>     Warren> connection.
>
>
> I'm with Christian.  The attack he describes--injecting a URI--is less
> likely in my mind to be noticed than setting up a gateway.  So, I do
> consider this a new vector.
>


-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf
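The thread above describes an attacker on a shared segment racing a legitimate DHCP server and answering a client's request with a captive-portal URI of their own. From the defender's side, the tell-tale signs are an offer from a server that is not the provisioned one, two servers answering the same transaction, or a portal URI that differs from the one the operator configured. The following is an added example, not code from this thread or from the draft: it runs that detection logic over a few constructed DHCP offer log lines. The log format (`ts xid=... server=... yiaddr=... capport=...`), the addresses and the portal URL are all assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed sample DHCP offer log lines (not taken from the page). The
# "ts xid=.. server=.. yiaddr=.. capport=.." layout is an assumption for this
# example; "-" means the offer carried no captive-portal URI.
SAMPLE_LOG = """\
09:00:01 xid=0x1a2b3c4d server=192.0.2.1 yiaddr=192.0.2.50 capport=http://portal.example.net/
09:00:01 xid=0x1a2b3c4d server=192.0.2.77 yiaddr=192.0.2.50 capport=http://198.51.100.9/login
09:00:05 xid=0x5e6f7a8b server=192.0.2.1 yiaddr=192.0.2.51 capport=http://portal.example.net/
09:00:09 xid=0x9c0d1e2f server=192.0.2.1 yiaddr=192.0.2.52 capport=-
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) xid=(?P<xid>0x[0-9a-fA-F]+) server=(?P<server>\S+) "
    r"yiaddr=(?P<yiaddr>\S+) capport=(?P<capport>\S+)$"
)


def parse_offers(text):
    """Turn the constructed log lines into a list of offer records.

    Lines that do not match the assumed format are skipped rather than
    raising, so a stray line in a real log does not stop the scan.
    """
    offers = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        rec = m.groupdict()
        rec["capport"] = None if rec["capport"] == "-" else rec["capport"]
        offers.append(rec)
    return offers


def find_rogue_offers(offers, trusted_servers, expected_portal):
    """Return one alert per suspicious offer, with the reasons it tripped.

    trusted_servers: set of DHCP server addresses the operator provisioned.
    expected_portal: the captive-portal URI the operator actually configured.
    """
    # Which servers answered each client transaction id.
    servers_by_xid = defaultdict(set)
    for o in offers:
        servers_by_xid[o["xid"]].add(o["server"])

    alerts = []
    for o in offers:
        reasons = []
        if o["server"] not in trusted_servers:
            reasons.append("untrusted-server")
        # Two different servers answering one xid is exactly the race the
        # thread describes; flag every offer in that transaction, since the
        # client may have accepted either one.
        if len(servers_by_xid[o["xid"]]) > 1:
            reasons.append("competing-offer")
        if o["capport"] is not None and o["capport"] != expected_portal:
            reasons.append("unexpected-portal")
        if reasons:
            alerts.append({
                "xid": o["xid"],
                "server": o["server"],
                "capport": o["capport"],
                "reasons": reasons,
            })
    return alerts


if __name__ == "__main__":
    found = find_rogue_offers(parse_offers(SAMPLE_LOG),
                              trusted_servers={"192.0.2.1"},
                              expected_portal="http://portal.example.net/")
    for a in found:
        print(a["xid"], a["server"], a["capport"], ",".join(a["reasons"]))
```

On the sample input this reports both offers for transaction 0x1a2b3c4d: the legitimate one only as a competing offer, and the one from 192.0.2.77 as untrusted, competing and carrying an unexpected portal URI. The check is a detection aid, not a substitute for keeping rogue DHCP and RA traffic off the segment in the first place (DHCP snooping and RA guard on the access layer, which is the operational recommendation the review asks the draft to cite).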