[T2TRG] I-D Action: draft-irtf-t2trg-amplification-attacks-03.txt
internet-drafts@ietf.org Wed, 21 February 2024 16:48 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: t2trg@irtf.org
Delivered-To: t2trg@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D4D9C14F70A; Wed, 21 Feb 2024 08:48:02 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: t2trg@irtf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.5.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: t2trg@irtf.org
Message-ID: <170853408262.56865.4870994441595193102@ietfa.amsl.com>
Date: Wed, 21 Feb 2024 08:48:02 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/9w8djNtBIwg84Vp7GMOwbL-4pG0>
Subject: [T2TRG] I-D Action: draft-irtf-t2trg-amplification-attacks-03.txt
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.39
List-Id: IRTF Thing-to-Thing Research Group <t2trg.irtf.org>
List-Unsubscribe: <https://mailman.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://mailman.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2024 16:48:02 -0000
Internet-Draft draft-irtf-t2trg-amplification-attacks-03.txt is now available. It is a work item of the Thing-to-Thing (T2TRG) RG of the IRTF. Title: Amplification Attacks Using the Constrained Application Protocol (CoAP) Authors: John Preuß Mattsson Göran Selander Christian Amsüss Name: draft-irtf-t2trg-amplification-attacks-03.txt Pages: 14 Dates: 2024-02-21 Abstract: Protecting Internet of Things (IoT) devices against attacks is not enough. IoT deployments need to make sure that they are not used for Distributed Denial-of-Service (DDoS) attacks. DDoS attacks are typically done with compromised devices or with amplification attacks using a spoofed source address. This document gives examples of different theoretical amplification attacks using the Constrained Application Protocol (CoAP). The goal with this document is to raise awareness and to motivate generic and protocol-specific recommendations on the usage of CoAP. Some of the discussed attacks can be mitigated by not using NoSec or by using the Echo option. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-irtf-t2trg-amplification-attacks/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-irtf-t2trg-amplification-attacks-03.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-irtf-t2trg-amplification-attacks-03 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts
- [T2TRG] I-D Action: draft-irtf-t2trg-amplificatio… internet-drafts