Re: [Mud] Simplified Quarantine model

Michael Richardson <mcr@sandelman.ca> Tue, 23 July 2019 23:07 UTC

From: Michael Richardson <mcr@sandelman.ca>
To: tirumal reddy <kondtir@gmail.com>
cc: "M. Ranganathan" <mranga@gmail.com>, mud@ietf.org
In-reply-to: <CAFpG3gd=4vd5oY72pS4o2f3VrjuxCUr6OL==tNR8hXVHJmRJcw@mail.gmail.com>
References: <CAHiu4JM3oZkXzasiqF9vYzrHFsvDvR446evShQBAXnW46nNXdQ@mail.gmail.com> <CAFpG3gd=4vd5oY72pS4o2f3VrjuxCUr6OL==tNR8hXVHJmRJcw@mail.gmail.com>
Comments: In-reply-to tirumal reddy <kondtir@gmail.com> message dated "Tue, 21 May 2019 12:33:12 +0530."
Date: Tue, 23 Jul 2019 19:07:34 -0400
Message-ID: <2235.1563923254@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mud/C9QY70FZmKzbXgEHtIFprP0qNgU>
Subject: Re: [Mud] Simplified Quarantine model

tirumal reddy <kondtir@gmail.com> wrote:
    > How do you identify that an attacker is using the victim device's MAC and IP
    > address to send attack traffic (e.g. SYN flood)?

On wired, this has to be protected by using a managed switch and
then locking ports down to mac addresses.

On wireless, one needs unique PSKs (or Enterprise WPA), with which one can then
identify which device is which, and lock the MAC address down.

Of course, all this fails if the devices are expected to randomize the L2
address.

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
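As an added illustration, not code from Michael's post or from any MUD implementation, the following Python sketches the check a managed switch or wireless controller would make once ports (wired) or per-device PSK associations (wireless) have been locked to MAC addresses, and shows the randomised-MAC case that defeats the pinning. The binding table and frame observations are constructed for the example.

```python
"""Flag L2 spoofing against a MAC-to-port / MAC-to-PSK binding table.

Added example (not from the mailing-list post). Wired bindings stand for a
managed switch with port security; wifi bindings stand for a unique-PSK
association. A source MAC seen on a port or PSK other than the one it is
bound to is reported as a possible clone. MACs with the locally-administered
bit set (randomised addresses) are reported as un-pinnable.
"""

# Constructed binding table: MAC -> (medium, switch port or PSK identity).
BINDINGS = {
    "00:1a:2b:00:00:01": ("wired", "Gi1/0/7"),
    "00:1a:2b:00:00:02": ("wifi", "psk-thermostat"),
}

# Constructed frame observations: (src MAC, medium, port/PSK identity, src IP).
FRAMES = [
    ("00:1a:2b:00:00:01", "wired", "Gi1/0/7", "10.0.0.11"),   # legitimate
    ("00:1a:2b:00:00:01", "wired", "Gi1/0/12", "10.0.0.11"),  # same MAC, other port
    ("00:1a:2b:00:00:02", "wifi", "psk-thermostat", "10.0.0.12"),
    ("00:1a:2b:00:00:02", "wifi", "psk-guest", "10.0.0.12"),  # same MAC, other PSK
    ("02:11:22:33:44:55", "wifi", "psk-phone", "10.0.0.40"),  # randomised MAC
]

def is_locally_administered(mac):
    """Bit 0x02 of the first octet marks a locally administered (usually
    randomised) MAC address, which cannot be pinned to a device."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def classify(frame, bindings=BINDINGS):
    mac, medium, where, _ip = frame
    if is_locally_administered(mac):
        return "unpinnable"   # randomised L2 address: pinning does not apply
    bound = bindings.get(mac)
    if bound is None:
        return "unknown"      # never onboarded; needs a binding before it may talk
    if bound != (medium, where):
        return "spoof"        # bound MAC appearing away from its locked port/PSK
    return "ok"

def audit(frames=FRAMES, bindings=BINDINGS):
    """Return {(mac, port_or_psk): verdict} for every frame that is not 'ok'."""
    findings = {}
    for frame in frames:
        verdict = classify(frame, bindings)
        if verdict != "ok":
            findings[(frame[0], frame[2])] = verdict
    return findings

if __name__ == "__main__":
    for key, verdict in audit().items():
        print(verdict, key)
```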