[OSPF] as to 'threat-models' and sophisticated attacks ;-)

"A. Przygienda" <prz@mail.zeta2.ch> Sun, 29 September 2013 15:23 UTC


As to the earlier discussion of 'sophisticated threats' and traffic 
injections.

An old acquaintance with good amount of scar tissue recently pointed out
to me a most instructive paper in another area that interestingly enough
documents what I wrote half in jest a while earlier.

The read is 'B4: Experience with a Globally-Deployed ...' by U. Hoelzle 
& rest of Google gang in Aug. SigComm (for the faint of heart, it's an 
easy read, light on math, rich on practical experience).

Section 7 documents a ('classical' in my experience) routing control 
melt-down as to the ones I experienced over years.

Starting with second most common problem (human configuration error)
leading right into most common problem (i.e. naive implementation not
prioritizing lsp/hellos) leading to the (in this case not catastrophical
since when you own the infrastructure of all routers you can reboot them
all) total meltdown (kind of, TE stayed up in frozen state).

The 'conclusions' in the paper are correct when also some a tad belated
['We need to test things under load' ;-) ]

Again, entertaining read for all practitioners of the routing game and
in itself quite impressive work in terms of size/volume & novelty of
approach (for the specific use case) ;-)

--- tony