Re: [MEXT] re-direction attack on MCoA
marcelo bagnulo braun <marcelo@it.uc3m.es> Fri, 01 February 2008 17:32 UTC
Return-Path: <mext-bounces@ietf.org>
X-Original-To: ietfarch-nemo-archive@core3.amsl.com
Delivered-To: ietfarch-nemo-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8559028C3BE; Fri, 1 Feb 2008 09:32:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.762
X-Spam-Level:
X-Spam-Status: No, score=-3.762 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_BAD_ID=2.837, RCVD_IN_DNSWL_MED=-4]
Received: from core3.amsl.com ([127.0.0.1]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mos-owb0lD7f; Fri, 1 Feb 2008 09:32:00 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 41A8428C387; Fri, 1 Feb 2008 09:31:51 -0800 (PST)
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C9F8A28C387 for <mext@core3.amsl.com>; Fri, 1 Feb 2008 09:31:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from core3.amsl.com ([127.0.0.1]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v481-uoPjXcY for <mext@core3.amsl.com>; Fri, 1 Feb 2008 09:31:49 -0800 (PST)
Received: from smtp03.uc3m.es (smtp03.uc3m.es [163.117.176.133]) by core3.amsl.com (Postfix) with ESMTP id E7ACD3A68A6 for <mext@ietf.org>; Fri, 1 Feb 2008 09:31:44 -0800 (PST)
Received: from chelo-it-uc3m-es.it.uc3m.es (chelo-it-uc3m-es.it.uc3m.es [163.117.139.76])(using TLSv1 with cipher AES128-SHA (128/128 bits))(No client certificate requested)by smtp03.uc3m.es (Postfix) with ESMTP id 172372C68F9;Fri, 1 Feb 2008 18:33:18 +0100 (CET)
Message-Id: <AEED9021-C752-4A31-9130-741091CBF81C@it.uc3m.es>
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
To: RYUJI WAKIKAWA <ryuji.wakikawa@gmail.com>
In-Reply-To: <855CE3D2-FD2E-498F-BABB-1970645CBC77@gmail.com>
Mime-Version: 1.0 (Apple Message framework v915)
Date: Fri, 01 Feb 2008 18:33:16 +0100
References: <7892795E1A87F04CADFCCF41FADD00FC051C02A0@xmb-ams-337.emea.cisco .com><4C47BAA9-BA58-45F7-BDCF-2C050118BACE@it.uc3m.es><Pine.LNX.4.64.08013 0 1915130.30941@rhea.tcs.hut.fi><F9F7F253-DC2E-4F89-B235-6C00A981425B@it.uc3m .es><Pine.LNX.4.64.0801302010130.30941@rhea.tcs.hut.fi><E4A82F11-1FA6-4908 - A466-EC839FD7C315@it.uc3m.es><6D19CA8D71C89C43A057926FE0D4ADAA232B6D@ecamlm w720.eamcs.ericsson.se><d3886a520801310308u937f976u214dff17a050d97b@mail.g mail.com> <855CE3D2-FD2E-498F-BABB-1970645CBC77@gmail.com>
X-Mailer: Apple Mail (2.915)
X-imss-version: 2.049
X-imss-result: Passed
X-imss-scanInfo: M:B L:E SM:2
X-imss-tmaseResult: TT:1 TS:-30.4878 TC:1F TRN:51 TV:5.0.1023(15704.000)
X-imss-scores: Clean:100.00000 C:0 M:0 S:0 R:0
X-imss-settings: Baseline:1 C:1 M:1 S:1 R:1 (0.0000 0.0000)
Cc: Julien Laganier <julien.laganier@laposte.net>, mext@ietf.org
Subject: Re: [MEXT] re-direction attack on MCoA
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: mext-bounces@ietf.org
Errors-To: mext-bounces@ietf.org
right El 01/02/2008, a las 11:33, RYUJI WAKIKAWA escribió: > Hi All, > > Thanks for all your comments. I agree with George and see the > progress. > > I treated this action as a consensus. > We will not include the Ben's solution in the MCoA and leave it to > other work. > > thanks, > ryuji > > > > On 2008/01/31, at 20:08, George Tsirtsis wrote: > >> I am of course also interested in this work. I guess we already have >> enough people to get the ball rolling on this. >> >> Thanks >> George >> >> On Jan 31, 2008 10:59 AM, Suresh Krishnan <suresh.krishnan@ericsson.com >>> wrote: >>> Hi Marcelo, >>> I am willing to work on a generic MIPv6 threats document along >>> with the other interested people. >>> >>> Cheers >>> Suresh >>> >>> -----Original Message----- >>> From: marcelo bagnulo braun [mailto:marcelo@it.uc3m.es] >>> Sent: January 31, 2008 11:13 AM >>> To: Wassim Haddad >>> Cc: Julien Laganier; mext@ietf.org >>> >>> Subject: Re: [MEXT] re-direction attack on MCoA >>> >>> >>> El 30/01/2008, a las 19:16, Wassim Haddad escribió: >>>> >>>> => As there is a clear interest in the redirection attack on the HA >>>> side, I volunteer to do some work on this one. >>>> >>> >>> I think the work should be general to all residual threats on MIP as >>> George mentioned, i think this would be more interesting since it >>> would allow us to put the different threats in perspective and >>> figure >>> out which ones we should address. >>> >>> >>> >>>> >>>> Regards, >>>> >>>> Wassim H. >>>> >>>> >>>>> El 30/01/2008, a las 18:19, Wassim Haddad escribió: >>>>> >>>>>> Hi Marcelo, >>>>>> IMHO, this topic has to be included as a new item in the new >>>>>> charter and >>>>>> should not be limited to MCoA. >>>>>> Regards, >>>>>> Wassim H. >>>>>> On Wed, 30 Jan 2008, marcelo bagnulo braun wrote: >>>>>>> Pascal, >>>>>>> The question at this point is the following one: do you think >>>>>>> that this threat should be addressed in the MCoA draft itself? >>>>>>> comments? >>>>>>> Regards, marcelo >>>>>>> El 30/01/2008, a las 10:09, Pascal Thubert (pthubert) escribió: >>>>>>>> I agree with Wassim on both mails. >>>>>>>> There's also the situation where the MN/MR might be fooled by >>>>>>>> the >>>>>>>> visited network into believing that the CoA (or its prefix if a >>>>>>>> network >>>>>>>> is attacked as opposed to a host) is on the visited link. DSMIP >>>>>>>> is also >>>>>>>> exposed, in particular with IPv4 CoAs. >>>>>>>> There are many scenarios that do not involve high mobility were >>>>>>>> a 3-way >>>>>>>> or a 4-way handshake could be used to verify the CoA. We have >>>>>>>> proposed >>>>>>>> such a test in section 6 of the RRH draft that uses a triggered >>>>>>>> 2nd BU >>>>>>>> flow to verify the CoA in the first one: >>>>>>>> http://tools.ietf.org/html/draft-thubert-nemo-reverse-routing-header-07# >>>>>>>> section-6 >>>>>>>> Pascal >>>>>>>>> -----Original Message----- >>>>>>>>> From: Wassim Haddad [mailto:whaddad@tcs.hut.fi] >>>>>>>>> Sent: mercredi 30 janvier 2008 09:32 >>>>>>>>> To: Benjamin Lim >>>>>>>>> Cc: 'Julien Laganier'; mext@ietf.org >>>>>>>>> Subject: RE: [MEXT] re-direction attack on MCoA >>>>>>>>> On Wed, 30 Jan 2008, Benjamin Lim wrote: >>>>>>>>>> All in all, what I am trying to say is that tracing only >>>>>>>>>> limits the >>>>>>>>>> effect of the attack from escalating further and not >>>>>>>>>> preventing it. >>>>>>>>> => which (again) also perfectly applies to a single CoA. >>>>>>>>> Regards, >>>>>>>>> Wassim H. >>>>>>>>> _______________________________________________ >>>>>>>>> MEXT mailing list >>>>>>>>> MEXT@ietf.org >>>>>>>>> https://www1.ietf.org/mailman/listinfo/mext >>>>>>>> _______________________________________________ >>>>>>>> MEXT mailing list >>>>>>>> MEXT@ietf.org >>>>>>>> https://www1.ietf.org/mailman/listinfo/mext >>>>>> _______________________________________________ >>>>>> MEXT mailing list >>>>>> MEXT@ietf.org >>>>>> https://www1.ietf.org/mailman/listinfo/mext >>>>> >>>> _______________________________________________ >>>> MEXT mailing list >>>> MEXT@ietf.org >>>> https://www1.ietf.org/mailman/listinfo/mext >>> >>> >>> _______________________________________________ >>> MEXT mailing list >>> MEXT@ietf.org >>> https://www1.ietf.org/mailman/listinfo/mext >>> >>> _______________________________________________ >>> MEXT mailing list >>> MEXT@ietf.org >>> https://www1.ietf.org/mailman/listinfo/mext >>> >> >> _______________________________________________ >> MEXT mailing list >> MEXT@ietf.org >> https://www1.ietf.org/mailman/listinfo/mext > > _______________________________________________ > MEXT mailing list > MEXT@ietf.org > http://www.ietf.org/mailman/listinfo/mext _______________________________________________ MEXT mailing list MEXT@ietf.org http://www.ietf.org/mailman/listinfo/mext From jenn8simply@escortcorp.com Fri Feb 1 09:41:59 2008 Return-Path: <jenn8simply@escortcorp.com> X-Original-To: ietfarch-nemo-archive@core3.amsl.com Delivered-To: ietfarch-nemo-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EE6953A6932 for <ietfarch-nemo-archive@core3.amsl.com>; Fri, 1 Feb 2008 09:41:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: YES X-Spam-Score: 121.54 X-Spam-Level: **************************************************************** X-Spam-Status: Yes, score1.54 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_DSN=1.495, DOS_OE_TO_MX=2.75, GB_ROLEX=5, HELO_DYNAMIC_DHCP=1.398, HELO_EQ_AT=0.424, HOST_EQ_AT=0.745, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_DSBL=0.961, RCVD_IN_NJABL_PROXY=1.643, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX=1.666, URIBL_AB_SURBL, URIBL_BLACK , URIBL_JP_SURBL, URIBL_OB_SURBL, URIBL_RHS_DOB=1.083, URIBL_SBL , URIBL_SC_SURBL, URIBL_WS_SURBL] X-Spam-Report: * 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 1.0000] * 0.7 HOST_EQ_AT HOST_EQ_AT * 1.4 HELO_DYNAMIC_DHCP Relay HELO'd using suspicious hostname (DHCP) * 0.4 HELO_EQ_AT HELO_EQ_AT * 5.0 GB_ROLEX BODY: I don't need a new watch! * 1.5 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level * above 50% * [cf: 100] * 0.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) * 1.5 RAZOR2_CF_RANGE_E4_51_100 Razor2 gives engine 4 confidence level * above 50% * [cf: 100] * 0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% * [cf: 100] * 20 URIBL_BLACK Contains an URL listed in the URIBL blacklist * [URIs: tankseat.com] * 1.1 URIBL_RHS_DOB Contains an URI of a new domain (Day Old Bread) * [URIs: tankseat.com] * 10 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist * [URIs: tankseat.com] * 10 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist * [URIs: tankseat.com] * 10 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist * [URIs: tankseat.com] * 10 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist * [URIs: tankseat.com] * 10 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist * [URIs: tankseat.com] * 1.5 DNS_FROM_RFC_DSN RBL: Envelope sender in dsn.rfc-ignorant.org * 0.9 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address * [81.10.174.4 listed in dnsbl.sorbs.net] * 1.6 RCVD_IN_NJABL_PROXY RBL: NJABL: sender is an open proxy * [81.10.174.4 listed in combined.njabl.org] * 2.0 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net * [Blocked - see <http://www.spamcop.net/bl.shtml?81.10.174.4>] * 0.9 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL * [81.10.174.4 listed in zen.spamhaus.org] * 3.0 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL * 1.0 RCVD_IN_DSBL RBL: Received via a relay in list.dsbl.org * [<http://dsbl.org/listing?81.10.174.4>] * 20 URIBL_SBL Contains an URL listed in the SBL blocklist * [URIs: tankseat.com] * 0.1 RDNS_DYNAMIC Delivered to trusted network by host with * dynamic-looking rDNS * 1.7 SARE_SPEC_ROLEX Rolex watch spam * 2.8 DOS_OE_TO_MX Delivered direct to MX with OE headers Received: from core3.amsl.com ([127.0.0.1]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vg7a2ihMISj7 for <ietfarch-nemo-archive@core3.amsl.com>; Fri, 1 Feb 2008 09:41:58 -0800 (PST) Received: from cm174-4.liwest.at (cm174-4.liwest.at [81.10.174.4]) by core3.amsl.com (Postfix) with ESMTP id A86E53A69F1 for <nemo-archive@lists.ietf.org>; Fri, 1 Feb 2008 09:41:01 -0800 (PST) Message-ID: <000701c864f9$071d456f$0a43d381@ajtyh> From: "jerold kinson" <jenn8simply@escortcorp.com> To: "Terry Otto" <nemo-archive@lists.ietf.org> Subject: ***SPAM*** 121.54 (5) exclusive watches, lowest prices possible rolex Date: Fri, 01 Feb 2008 15:55:13 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.3138 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 The finest of luxury timepieces at the LOWEST prices!! http://tankseat.com/
- [MEXT] re-direction attack on MCoA RYUJI WAKIKAWA
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA RYUJI WAKIKAWA
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- Re: [MEXT] re-direction attack on MCoA Vijay Devarapalli
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- Re: [MEXT] re-direction attack on MCoA George Tsirtsis
- Re: [MEXT] re-direction attack on MCoA Julien Laganier
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Wassim Haddad
- RE: [MEXT] re-direction attack on MCoA Pascal Thubert (pthubert)
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- RE: [MEXT] re-direction attack on MCoA Suresh Krishnan
- Re: [MEXT] re-direction attack on MCoA George Tsirtsis
- Re: [MEXT] re-direction attack on MCoA Jean-Michel Combes
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA Pascal Thubert (pthubert)
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- [MEXT] MIP threats (Re: re-direction attack on MC… Lakshminath Dondeti
- Re: [MEXT] MIP threats (Re: re-direction attack o… marcelo bagnulo braun
- Re: [MEXT] MIP threats (Re: re-direction attack o… George Tsirtsis