Re: OSPF WG Minutes

Paul Jakma <paul@CLUBI.IE> Tue, 16 August 2005 18:37 UTC

Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E56Jo-00045K-CK for ospf-archive@megatron.ietf.org; Tue, 16 Aug 2005 14:37:50 -0400
Received: from cherry.ease.lsoft.com (cherry.ease.lsoft.com [209.119.0.109]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA27743 for <ospf-archive@LISTS.IETF.ORG>; Tue, 16 Aug 2005 14:37:46 -0400 (EDT)
Received: from vms.dc.lsoft.com (209.119.0.2) by cherry.ease.lsoft.com (LSMTP for Digital Unix v1.1b) with SMTP id <14.010CE9A1@cherry.ease.lsoft.com>; Tue, 16 Aug 2005 14:37:45 -0400
Received: by PEACH.EASE.LSOFT.COM (LISTSERV-TCP/IP release 14.4) with spool id 82785341 for OSPF@PEACH.EASE.LSOFT.COM; Tue, 16 Aug 2005 14:37:34 -0400
Received: from 212.17.55.49 by WALNUT.EASE.LSOFT.COM (SMTPL release 1.0m) with TCP; Tue, 16 Aug 2005 14:37:34 -0400
Received: from sheen.jakma.org (sheen.jakma.org [212.17.55.53]) by hibernia.jakma.org (8.13.1/8.13.1) with ESMTP id j7GIbSZ5031838 for <OSPF@peach.ease.lsoft.com>; Tue, 16 Aug 2005 19:37:31 +0100
X-X-Sender: paul@sheen.jakma.org
References: <BB6D74C75CC76A419B6D6FA7C38317B290E932@sinett-sbs.SiNett.LAN> <4301D1F7.2090000@cisco.com>
Mail-Copies-To: paul@hibernia.jakma.org
Mail-Followup-To: paul@hibernia.jakma.org
X-NSA: al aqsar jihad musharef jet-A1 avgas ammonium qran inshallah allah al-akbar martyr iraq saddam hammas hisballah rabin ayatollah korea vietnam revolt mustard gas british airways washington peroxide cool
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Message-ID: <Pine.LNX.4.63.0508161933130.5353@sheen.jakma.org>
Date: Tue, 16 Aug 2005 19:37:28 +0100
Reply-To: Mailing List <OSPF@PEACH.EASE.LSOFT.COM>
Sender: Mailing List <OSPF@PEACH.EASE.LSOFT.COM>
From: Paul Jakma <paul@CLUBI.IE>
Subject: Re: OSPF WG Minutes
To: OSPF@PEACH.EASE.LSOFT.COM
In-Reply-To: <4301D1F7.2090000@cisco.com>
Precedence: list

On Tue, 16 Aug 2005, Acee Lindem wrote:

> You don't mean all the packets do you? You mean all the packets 
> with the last sequence number.

Nah, /all/ packets. 'Kick' the victim router hard enough so it stays 
down. Then wait for the dead-interval and the victim's peers 
will/should forget the sequence number. Then you can replay 
everything.

Though, not sure how you'd get past database exchange, as the 
router-being-spoofed need not use same state (DD sequences, LSA 
seqnum's), etc.

Seems theoretical to me too. ;)

regards,
-- 
Paul Jakma	paul@clubi.ie	paul@jakma.org	Key ID: 64A2FF6A
Fortune:
Nadia Comaneci, simple perfection.
 		-- '76 Olympics