IETF Logo Mail Archive

Re: [MMUSIC] Updating the pacing of ICE connectivity checks

Matthew Kaufman <matthew@matthew.at> Thu, 14 February 2013 23:46 UTC

Return-Path: <matthew@matthew.at>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07C5421F89FB for <mmusic@ietfa.amsl.com>; Thu, 14 Feb 2013 15:46:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.034
X-Spam-Level:
X-Spam-Status: No, score=-0.034 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_AT=0.424, HOST_EQ_AT=0.745, MIME_QP_LONG_LINE=1.396]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v16p4UaZGmos for <mmusic@ietfa.amsl.com>; Thu, 14 Feb 2013 15:46:38 -0800 (PST)
Received: from where.matthew.at (where.matthew.at [198.202.199.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E06A21F89EF for <mmusic@ietf.org>; Thu, 14 Feb 2013 15:46:38 -0800 (PST)
Received: from [192.168.1.114] (unknown [71.92.88.47]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by where.matthew.at (Postfix) with ESMTP id 4B2AC230005; Thu, 14 Feb 2013 15:46:38 -0800 (PST)
References: <511CEB64.6070306@ericsson.com> <05a401ce0ac6$db547230$91fd5690$@cisco.com> <511D03A7.1060008@ericsson.com> <511D0498.3030909@jitsi.org> <511D07F1.3070808@ericsson.com> <085d01ce0b0d$12dbfb10$3893f130$@cisco.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <085d01ce0b0d$12dbfb10$3893f130$@cisco.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <AA2FE935-F441-4A68-B104-1AF5F01600AF@matthew.at>
X-Mailer: iPad Mail (10A523)
From: Matthew Kaufman <matthew@matthew.at>
Date: Thu, 14 Feb 2013 15:46:40 -0800
To: Dan Wing <dwing@cisco.com>
Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>, Ari Keränen <ari.keranen@ericsson.com>, mmusic <mmusic@ietf.org>
Subject: Re: [MMUSIC] Updating the pacing of ICE connectivity checks
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Feb 2013 23:46:39 -0000

On Feb 14, 2013, at 3:43 PM, "Dan Wing" <dwing@cisco.com> wrote:

> 
> Question, playing devil's advocate:  is the voice hammer attack (or a
> STUN connectivity check hammer attack) worse than a web page full of
> HTML IMG tags pointing at a victim's web server, which I believe has
> no protection or pacing?  Has such an HTML IMG attack been a real
> problem, or do we consider it will be a problem?

Most browsers do have a limit for the number of simultaneous IMG loads, some even more so if they all appear to be pointed at the same domain.

Matthew Kaufman

v2.23.0 | Report a Bug | By Email