Re: [pim] DoS protection for PIM-SSM
Pekka Savola <pekkas@netcore.fi> Mon, 11 April 2005 14:20 UTC
Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA16761 for <pim-archive@lists.ietf.org>; Mon, 11 Apr 2005 10:20:21 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DKzds-0001Ms-Ju; Mon, 11 Apr 2005 10:11:56 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DKzdp-0001Lk-T4 for pim@megatron.ietf.org; Mon, 11 Apr 2005 10:11:54 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA15937 for <pim@ietf.org>; Mon, 11 Apr 2005 10:11:35 -0400 (EDT)
Received: from netcore.fi ([193.94.160.1]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DKzmw-0000if-PN for pim@ietf.org; Mon, 11 Apr 2005 10:21:20 -0400
Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id j3BEBCv18787; Mon, 11 Apr 2005 17:11:12 +0300
Date: Mon, 11 Apr 2005 17:11:11 +0300
From: Pekka Savola <pekkas@netcore.fi>
To: James Courtier-Dutton <james.dutton@gmail.com>
Subject: Re: [pim] DoS protection for PIM-SSM
In-Reply-To: <ad2655cb050411022623b63588@mail.gmail.com>
Message-ID: <Pine.LNX.4.61.0504111710090.18662@netcore.fi>
References: <ad2655cb050411022623b63588@mail.gmail.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 79899194edc4f33a41f49410777972f8
Cc: pim@ietf.org
X-BeenThere: pim@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Protocol Independent Multicast <pim.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/pim>, <mailto:pim-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:pim@ietf.org>
List-Help: <mailto:pim-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/pim>, <mailto:pim-request@ietf.org?subject=subscribe>
Sender: pim-bounces@ietf.org
Errors-To: pim-bounces@ietf.org
On Mon, 11 Apr 2005, James Courtier-Dutton wrote: > I have been considering a number of possible attacks on PIM-SM networks. > 1) Sending (S,G) data to existing broadcast G. > 2) Sending (S,G) data to many G for one S. > 3) Sending (S,G) data to many different S for one or more G. > 4) Sending Joins to many S for one or more G (or (*,G)). > 5) Sending Joins to many G for one S. > > 1) to 5) all present a DoS on PIM-SM. > But only 5) presents a DoS on PIM-SSM (Source specific Multicast). You might be interested in checking out: draft-ietf-mboned-mroutesec-04.txt (in RFC-editor's queue) and draft-savola-pim-lasthop-threats-01.txt. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings _______________________________________________ pim mailing list pim@ietf.org https://www1.ietf.org/mailman/listinfo/pim
- [pim] DoS protection for PIM-SSM James Courtier-Dutton
- Re: [pim] DoS protection for PIM-SSM Pekka Savola
- Re: [pim] DoS protection for PIM-SSM Mark Handley