IETF Logo Mail Archive

Re: [tcpm] ICMP attacks draft (issue 1): hard errors -> soft errors (in synchronized states)

Fernando Gont <fernando@gont.com.ar> Fri, 30 September 2005 19:01 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ELQ8q-00089T-Pm; Fri, 30 Sep 2005 15:01:56 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ELQ8p-00087j-5C for tcpm@megatron.ietf.org; Fri, 30 Sep 2005 15:01:55 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA29520 for <tcpm@ietf.org>; Fri, 30 Sep 2005 15:01:53 -0400 (EDT)
Received: from server.frh.utn.edu.ar ([170.210.17.146] ident=qmailr) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1ELQGi-0006Wc-4D for tcpm@ietf.org; Fri, 30 Sep 2005 15:10:06 -0400
Received: (qmail 6799 invoked from network); 30 Sep 2005 19:01:03 -0000
Received: from unknown (HELO fgont.gont.com.ar) (gont-fernando@10.0.10.7) by server.frh.utn.edu.ar with SMTP; 30 Sep 2005 19:01:03 -0000
Message-Id: <6.2.0.14.0.20050930155718.05963118@pop.frh.utn.edu.ar>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.0.14
Date: Fri, 30 Sep 2005 16:01:31 -0300
To: Joe Touch <touch@ISI.EDU>
From: Fernando Gont <fernando@gont.com.ar>
Subject: Re: [tcpm] ICMP attacks draft (issue 1): hard errors -> soft errors (in synchronized states)
In-Reply-To: <433D85BD.4020204@isi.edu>
References: <6.2.0.14.0.20050923075214.0428faa8@pop.frh.utn.edu.ar> <433411E2.3020005@isi.edu> <6.2.0.14.0.20050923125332.04320008@pop.frh.utn.edu.ar> <20050923165017.GD10959@pun.isi.edu> <6.2.0.14.0.20050927015438.07c2a418@pop.frh.utn.edu.ar> <20050930174011.GK999@pun.isi.edu> <6.2.0.14.0.20050930150854.0592eee0@pop.frh.utn.edu.ar> <433D85BD.4020204@isi.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793
Cc: tcpm@ietf.org, Ted Faber <faber@ISI.EDU>
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org

At 03:36 p.m. 30/09/2005, Joe Touch wrote:

> >> Joe's described a
> >> situation (that consists of many different possible causes) where
> >> listening to that ICMP is perfectly reasonable.
> >> An application's always welcome to shoot itself from TCP's perspective.
> >
> > I mean that even when you treat the hard error as soft error, you still
> > notify it to the application. The application can, upon this
> > notification, cause the connection to be aborted.
>
>FWIW, the application can't do much with ICMPs it didn't expect to be
>notified about. So this change requires not only a change to TCP, but a
>change to every application that might be affected. That's worth noting
>(if not reconsidering the implications of).

Strictly speaking, here should be a way to notify applications of the 
received ICMP messages (as per RFC1122). Yes, in practice this would mean 
that applications should be modified. What I mean is that, in the event you 
still want to abort a connection upon receipt of an ICMP message, you can 
do so at the application layer, when you are notified (if you have decided 
to) of the received ICMP messages.



> >> If you've got questions about the motivations for and support of
> >> tcpsecure, there's no need to be coy - no need to make such comments
> >> conditionally.  :-)
> >>
> >> Right now, it sounds like the answer to your question is "yes, the WG
> >> supports the tcp secure changes, independently of the changes proposed
> >> here."
> >
> > My argument is: Why would an attacker bother to guess a TCP sequence
> > number, when it can reset a conenction much more trivially by means of
> > ICMP?
> >
> > "The strength of  a chain is that of the weakest link", I mean.
>
>But TCP-antispoof explains that the chain is already sufficiently weak
>in many cases even if you try to fix ICMP.

It's weak. But we are making it weaker unnecessarily.


--
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org






_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email