Re: Attacking BFD with NULL auth
Jeffrey Haas <jhaas@pfrc.org> Tue, 06 February 2024 18:47 UTC
Return-Path: <jhaas@pfrc.org>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3C1BC14F6BB for <rtg-bfd@ietfa.amsl.com>; Tue, 6 Feb 2024 10:47:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 46_0VfS5MOYZ for <rtg-bfd@ietfa.amsl.com>; Tue, 6 Feb 2024 10:47:24 -0800 (PST)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 99F20C14F5EE for <rtg-bfd@ietf.org>; Tue, 6 Feb 2024 10:47:24 -0800 (PST)
Received: from smtpclient.apple (172-125-100-52.lightspeed.livnmi.sbcglobal.net [172.125.100.52]) by slice.pfrc.org (Postfix) with ESMTPSA id 891511E039; Tue, 6 Feb 2024 13:47:23 -0500 (EST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.4\))
Subject: Re: Attacking BFD with NULL auth
From: Jeffrey Haas <jhaas@pfrc.org>
In-Reply-To: <3CB1BECB-D162-48DF-A5C0-FC230B8109CF@juniper.net>
Date: Tue, 06 Feb 2024 13:47:23 -0500
Cc: "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <AE03BCC5-8CFF-4883-A210-7A703766BB02@pfrc.org>
References: <336054A1-4729-446B-BE73-832650B75BED@pfrc.org> <3CB1BECB-D162-48DF-A5C0-FC230B8109CF@juniper.net>
To: John Scudder <jgs@juniper.net>
X-Mailer: Apple Mail (2.3696.120.41.1.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/0I1aD63WQQaxCuAm1kQ_oFWHQ-g>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Feb 2024 18:47:29 -0000
John, > On Feb 6, 2024, at 11:00 AM, John Scudder <jgs@juniper.net> wrote: > > You’re assuming either an on-LAN attacker (and therefore, that BFD is being used on a multiaccess medium) or multihop BFD here, I take it? Because RFC 5881 tells me GTSM is required if there’s no other authentication. Correct. Largely the "person in the middle" style attacks. -- Jeff
- Attacking BFD with NULL auth Jeffrey Haas
- Re: Attacking BFD with NULL auth John Scudder
- Re: Attacking BFD with NULL auth Jeffrey Haas
- Re: Attacking BFD with NULL auth Reshad Rahman
- Re: Attacking BFD with NULL auth Jeffrey Haas
- Re: Attacking BFD with NULL auth Reshad Rahman
- Re: Attacking BFD with NULL auth Jeffrey Haas
- Re: Attacking BFD with NULL auth Reshad Rahman
- Re: Attacking BFD with NULL auth Jeffrey Haas
- Re: Attacking BFD with NULL auth Reshad Rahman
- Re: Attacking BFD with NULL auth Reshad Rahman