Re: [RPSEC] Re: draft-convery-bgpattack-00
Sean Convery <sean@cisco.com> Tue, 12 November 2002 19:23 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA11040 for <rpsec-archive@odin.ietf.org>; Tue, 12 Nov 2002 14:23:08 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id gACJPGX23271 for rpsec-archive@odin.ietf.org; Tue, 12 Nov 2002 14:25:16 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id gACJPFv23268 for <rpsec-web-archive@optimus.ietf.org>; Tue, 12 Nov 2002 14:25:15 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA10992 for <rpsec-web-archive@ietf.org>; Tue, 12 Nov 2002 14:22:37 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id gACJP2v23217; Tue, 12 Nov 2002 14:25:02 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id gACJJnv23011 for <rpsec@optimus.ietf.org>; Tue, 12 Nov 2002 14:19:49 -0500
Received: from sj-msg-core-1.cisco.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA10823 for <rpsec@ietf.org>; Tue, 12 Nov 2002 14:17:11 -0500 (EST)
Received: from sj-msg-av-2.cisco.com (sj-msg-av-2.cisco.com [171.70.145.31]) by sj-msg-core-1.cisco.com (8.12.2/8.12.2) with ESMTP id gACJJhIX012346; Tue, 12 Nov 2002 11:19:43 -0800 (PST)
Received: from nisser.cisco.com (localhost [127.0.0.1]) by sj-msg-av-2.cisco.com (8.12.2/8.12.2) with ESMTP id gACJJWOZ019147; Tue, 12 Nov 2002 11:19:32 -0800 (PST)
Received: from 172.16.30.208 (sjc-vpn1-595.cisco.com [10.21.98.83]) by nisser.cisco.com (8.8.6 (PHNE_14041)/CISCO.SERVER.1.2) with ESMTP id LAA20169; Tue, 12 Nov 2002 11:19:39 -0800 (PST)
Date: Tue, 12 Nov 2002 11:19:27 -0800
From: Sean Convery <sean@cisco.com>
Subject: Re: [RPSEC] Re: draft-convery-bgpattack-00
To: Michael Richardson <mcr@sandelman.ottawa.on.ca>
cc: rpsec@ietf.org
X-Priority: 3
In-Reply-To: <200211051702.gA5H2qWV016669@marajade.sandelman.ottawa.on.ca>
Message-ID: <r01050400-1021-B562A354F67311D69B890003939CDD90@[172.16.30.208]>
MIME-Version: 1.0
Content-Type: text/plain; Charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Mailer: Mailsmith 1.5.4 (Blindsider)
Content-Transfer-Encoding: 7bit
Sender: rpsec-admin@ietf.org
Errors-To: rpsec-admin@ietf.org
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
On 11/5/02 at 12:02 PM, mcr@sandelman.ottawa.on.ca wrote: > > BTW, I found the AND/OR stuff difficult to follow. > It seems you can write: > (A || B || C) && D > > as: > OR A > B > C > AND D > > What's weird is that the OR is to the left of the first item (prefix), while the >AND is between C and D (infix). > Perhaps I am misreading, and in fact the above describes: > A || B || (C && D) What it should mean is (A or B or C) AND D as in: Attack: OR 1. Send message to router causing reset OR 1. Send RST message to TCP stack 2. Send BGP Message OR 1. Notify 2. Open 3. Keepalive AND 3. TCP Sequence number Attack (Appendix A.4) 2. Alter configuration via. compromised router (Appendix A.1) You can send message causing a reset by 1. sending the message to the TCP stack, or 2. sending a BGP message. But in both cases you need 3. the TCP sequence number attack. There shouldn't be any cases where an AND or OR is between two numbers. it should alway be on the same line as a goal on the tree. We tried to explain the notation in the Intro section. If you can provide some specific comments on how to make this better (short of rewriting the CERT paper :)) we'd love to hear them. Thanks, Sean _______________________________________________ RPSEC mailing list RPSEC@ietf.org https://www1.ietf.org/mailman/listinfo/rpsec
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Joachim Jensen
- RE: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- [RPSEC] draft-convery-bgpattack-00 Sean Convery
- Re: [RPSEC] draft-convery-bgpattack-00 Damir Rajnovic
- [RPSEC] Re: draft-convery-bgpattack-00 David G. Boney
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] draft-convery-bgpattack-00 Christopher Lonvick
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Birger Toedtmann
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Randy Bush
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Michael Richardson
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Birger Toedtmann
- Re: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Jeffrey Haas
- [RPSEC] prefix origin authentication (was Re: dra… Michael Richardson
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Michael Richardson
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Jeffrey Haas
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Tony Tauber
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Danny McPherson
- Re: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Michael Richardson
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Sean Convery
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Sean Convery
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Larry J. Blunk
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Jeffrey Haas
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Barry Raveendran Greene
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Michael Richardson
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Michael Richardson
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Jeffrey Haas
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Barry Raveendran Greene
- Re: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- RE: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Jeffrey Haas
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Jeffrey Haas
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Randy Bush
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Jeffrey Haas
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Charles Lynn
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Susan Hares
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- Re: [RPSEC] Re: draft-convery-bgpattack-00 sandy
- Aggregation in S-BGP was RE: [RPSEC] Re: draft-co… Charles Lynn
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Joel M. Halpern
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Randy Bush
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Iljitsch van Beijnum
- [RPSEC] Potential requirements Charles Lynn
- Re: [RPSEC] Potential requirements Iljitsch van Beijnum
- RE: [RPSEC] Re: draft-convery-bgpattack-00 Stephen Kent
- Re: [RPSEC] Potential requirements Tony Tauber
- Re: [RPSEC] Potential requirements Steve Suehring
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Sean Convery
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Sean Convery
- Re: [RPSEC] Re: draft-convery-bgpattack-00 Michael Richardson