Re: [shara] port randomization (draft-ymbk-aplusp-03)
<pierre.levis@orange-ftgroup.com> Tue, 17 March 2009 07:40 UTC
The problem of port randomization with port range solutions comes from the fact that when an attacker knows the port range (if he does not know it the problem is somehow different), the smaller the port range is, the more predictable the port choice is.

I would like to re-ask a question previously raised by Jan Zorz:
Do we know how many ports we need to put into a port range to see this effect mitigated?

If a proposed randomization algorithm works well for 50,000 ports, what level of efficiency does it achieve for 10,000 ports?
What is the threshold under which randomization is definitely not properly achieved?
Is there a quantitative response?

Pierre

-----Original Message-----
From: shara-bounces@ietf.org [mailto:shara-bounces@ietf.org] On Behalf Of Jan Zorz @ go6.si
Sent: Sunday, 15 March 2009 21:39
To: MILES DAVID
Cc: shara@ietf.org
Subject: Re: [shara] port randomization (draft-ymbk-aplusp-03)

> I agree with Jan's suggestion of port randomization within a port-range.
> It would be good to see this in CGN as well.

Appreciate. Thnx, /jan

> Regards,
>
> -David
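A simple model for the question asked in the message above, as an added example that is not part of the original post or of draft-ymbk-aplusp. It assumes the host picks its source port uniformly at random within its range and that an off-path guesser who knows the range can send a fixed number of distinct guesses; the range sizes below 10,000, the budget of 100 guesses and the 16-bit extra field are illustrative assumptions.

```python
import math
import random

def entropy_bits(range_size):
    """Bits of unpredictability in a uniform choice among range_size ports."""
    return math.log2(range_size)

def hit_probability(range_size, guesses, other_secret_bits=0):
    """P(a guesser who knows the range hits the chosen port) when it can send
    `guesses` distinct spoofed packets before the genuine reply arrives.
    other_secret_bits: any further random field that must also match
    (assumption for illustration: 16 for a DNS query ID)."""
    space = range_size * 2 ** other_secret_bits
    return min(1.0, guesses / space)

def guesses_needed(range_size, target_p, other_secret_bits=0):
    """Distinct guesses required to reach success probability target_p."""
    return math.ceil(target_p * range_size * 2 ** other_secret_bits)

def simulate(range_start, range_size, guesses, trials, seed=1):
    """Monte Carlo check of hit_probability for the port field alone.
    The host picks uniformly in its range; the guesser covers `guesses`
    ports of that range (which ones does not matter for a uniform pick)."""
    rng = random.Random(seed)  # seeded only so the demo is repeatable
    guessed_limit = range_start + guesses
    hits = sum(
        rng.randrange(range_start, range_start + range_size) < guessed_limit
        for _ in range(trials)
    )
    return hits / trials

def compare(range_sizes, guesses):
    """One row per range size: (size, bits, P(hit), guesses for 50%)."""
    return [
        (n, round(entropy_bits(n), 2), hit_probability(n, guesses),
         guesses_needed(n, 0.5))
        for n in range_sizes
    ]

if __name__ == "__main__":
    # Constructed sizes: the two from the message plus two smaller ranges.
    for row in compare([50000, 10000, 2048, 256], guesses=100):
        print("ports=%-6d bits=%-6.2f P(hit)=%.4f  50%% at %d guesses" % row)
```

Under this model the guesser's success probability grows linearly as the range shrinks, so going from 50,000 to 10,000 ports costs about 2.3 bits rather than crossing a sharp threshold.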