[pim] last-hop threats by hosts to PIM

Pekka Savola <pekkas@netcore.fi> Tue, 23 November 2004 10:03 UTC

Date: Tue, 23 Nov 2004 11:51:06 +0200
From: Pekka Savola <pekkas@netcore.fi>
To: pim@ietf.org
Message-ID: <Pine.LNX.4.61.0411231146440.7539@netcore.fi>

Hi,

Based on the discussions on the list, and encouragement from a couple 
of people, plus a suggestion that it might make sense to try to attack 
this problem separately from the IGMP/MLD perspective, I've written a 
short I-D (only 10 pages, including the boilerplates!) on the last-hop 
threats by hosts to PIM:

Abstract
    Security threats analysis has been done on some parts of the
    multicast infrastructure, but the threats specific to the last-hop
    attacks by hosts on the PIM routing protocol have not been well
    described in the past.  This memo aims to fill that gap.

It has been submitted, but in the interim it is available at:

http://www.netcore.fi/pekkas/ietf/draft-savola-pim-lasthop-threats-00.txt

This complements I-D.ietf-mboned-mroutesec and 
I-D.daley-magma-smld-prob.

Feedback is welcome!

In particular, I would be interested in getting expert opinion on the 
following XXX points:

    It seems that a DR can send PIM messages (like Prune/Join) to the
    non-DR to be forwarded upstream on behalf of directly connected (to
    both DR and non-DR) sources.  In other words, a host on a stub LAN
    can be elected as a DR and act as a "man-in-the-middle" between the
    other hosts and the real PIM router.  [XXX: Is this correct?  Should
    non-DRs reject forwarding upstream messages from downstream LAN's
    DRs, because a real DR should have its own upstream connectivity?]
...
    With a PIM Assert, a router can be elected to be in charge of
    handling all traffic from a particular (S,G) (where S might also be
    all of S? [XXX: true?]).  This overrides DR behaviour.
...
    As noted before, it is also possible to spoof an Assert on someone
    else's behalf to cause a temporary disruption on the LAN.  However,
    it is not 100% clear what happens when the router which was spoofed
    receives "its own assert" and CouldAssert(S,G,I) is False?  [XXX: a
    PIM expert should say something?  Is this an issue in the state
    machine?]


-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
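
Added example (not part of the original message or of the draft): a defender-side check for the situation the excerpts describe, where a host on a stub LAN emits PIM Hello, Join/Prune or Assert messages. It parses IPv4 PIMv2 packets, validates the PIM checksum, and flags control messages whose source is not in an allowlist of known routers; the allowlist, the addresses and the sample packets are constructed assumptions.

```python
import ipaddress
import struct

PIM_PROTO = 103                                          # IP protocol number for PIM
PIM_TYPES = {0: "Hello", 3: "Join/Prune", 5: "Assert"}   # PIMv2 message types

def inet_checksum(data: bytes) -> int:
    """Internet one's-complement checksum; 0 over a message with a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(src: str, pim_type: int, body: bytes = b"") -> bytes:
    """Constructed IPv4+PIM sample packet (IP header checksum left at 0)."""
    pim = bytes([(2 << 4) | pim_type, 0, 0, 0]) + body
    pim = pim[:2] + struct.pack("!H", inet_checksum(pim)) + pim[4:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0xC0, 20 + len(pim), 0, 0, 1,
                     PIM_PROTO, 0, ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address("224.0.0.13").packed)  # ALL-PIM-ROUTERS
    return ip + pim

def check_packet(pkt: bytes, routers: set):
    """Return None for non-PIM traffic, else (source, message type, verdict)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != PIM_PROTO:
        return None
    src = str(ipaddress.IPv4Address(pkt[12:16]))
    pim = pkt[(pkt[0] & 0x0F) * 4:]
    if len(pim) < 4 or pim[0] >> 4 != 2:
        return (src, "malformed", "alert")
    name = PIM_TYPES.get(pim[0] & 0x0F, f"type-{pim[0] & 0x0F}")
    if inet_checksum(pim) != 0:
        return (src, name, "bad-checksum")
    # PIM control traffic on a stub LAN should come only from known routers.
    return (src, name, "ok" if src in routers else "alert")

if __name__ == "__main__":
    known_routers = {"192.0.2.1"}                       # hypothetical allowlist
    hello = struct.pack("!HHH", 1, 2, 105)              # Hello Holdtime option
    samples = [build_packet("192.0.2.1", 0, hello),     # router Hello
               build_packet("192.0.2.77", 0, hello),    # host joining DR election
               build_packet("192.0.2.77", 5)]           # header-only Assert from a host
    for p in samples:
        print(check_packet(p, known_routers))
```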
