Re: [tcpm] ICMP attacks draft
Fernando Gont <fernando@gont.com.ar> Wed, 19 July 2006 23:31 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G3LVh-0005JV-EP; Wed, 19 Jul 2006 19:31:21 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G3LVg-0005JQ-Da for tcpm@ietf.org; Wed, 19 Jul 2006 19:31:20 -0400
Received: from venus.xmundo.net ([201.216.232.56]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G3LVe-0005Mk-Pq for tcpm@ietf.org; Wed, 19 Jul 2006 19:31:20 -0400
Received: from fgont.gont.com.ar (171-180-231-201.fibertel.com.ar [201.231.180.171]) (authenticated bits=0) by venus.xmundo.net (8.12.11/8.12.11) with ESMTP id k6JNTbEj013695; Wed, 19 Jul 2006 20:30:16 -0300
Message-Id: <7.0.1.0.0.20060719200945.0625ec08@gont.com.ar>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Wed, 19 Jul 2006 20:22:54 -0300
To: Joe Touch <touch@ISI.EDU>
From: Fernando Gont <fernando@gont.com.ar>
Subject: Re: [tcpm] ICMP attacks draft
In-Reply-To: <44BE4C27.1010600@isi.edu>
References: <0C53DCFB700D144284A584F54711EC5801D9592B@xmb-sjc-21c.amer.cisco.com> <7.0.1.0.0.20060715153423.08601b58@gont.com.ar> <44BB1882.6030904@isi.edu> <7.0.1.0.0.20060717052818.064b28b8@gont.com.ar> <44BCE4FA.1050602@isi.edu> <7.0.1.0.0.20060718160252.066880d8@gont.com.ar> <44BD514C.2090704@isi.edu> <7.0.1.0.0.20060718192327.0427b290@gont.com.ar> <44BD7441.9050206@isi.edu> <7.0.1.0.0.20060719031923.04a637f0@gont.com.ar> <44BE4C27.1010600@isi.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 00e94c813bef7832af255170dca19e36
Cc: tcpm@ietf.org, "Anantha Ramaiah (ananth)" <ananth@cisco.com>
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org
At 12:13 19/07/2006, Joe Touch wrote: > > I understand what you mean. However, the message codes to which we are > > changing from hard to soft errors (protocol unreachable and port > > unreachable) are not the ones that would reflect a routing change. > >Sorry - long time since I got into this level of detail. We're talking >about dest unreachable codes 2-4, i.e.: > 2 protocol > 3 port > 4 frag needed and DF set > >Changing these from hard to soft AFTER connection establishment means: > > - slower reaction (if at all?) to host reconfiguration > 2,3 - dynamic reloading of protocol module fails Agreed in the case of protocol unreachable. But for port unreachable, the protocol module is there. > 3 - unexpected application termination (?) > although TCP can send a RST in this case, > ICMP should also generate port unreachable (?) What I recall is that the idea of making TCP abort connections upon receipt of port unreach had to do with accomodating implementation that rejected connection requests with ICMP port unreachables, rather than with RSTs. In the case of TCP, only RSTs should be sent. As a matter of fact, sending both RSTs and port unreachables could be used by an attacker as a bandwidth amplifier. >Reloading protocols isn't unheard of (netgraph, etc.). Failure of that >protocol has many consequences, and at some level nonresponsiveness is >its own signal, but softening these signals basically means you are >assuming that protocols don't change once a connection is up. That's a >NEW assumption and should be noted. Agreed. In this case, we are limiting the discussion to TCP, though. > - slower/no reaction to path change > 4 - change in path MTU IMHO, this would kill robustness. In TCP, you implement PMTUD, or don't set the DF bit. >As to the case where ICMP Frag needed should generate a hard error, >consider: > - simple TCP stack that lacks PMTUD > - an intermediate device sets the DF bit > >I saw that case a few years ago. Changing hard to soft changes reaction >to that event Well, that seems non-compliant, anyway. Also, for robustness-sake, you probably don't have many choices other than keep retransmitting. Kindest regards, -- Fernando Gont e-mail: fernando@gont.com.ar || fgont@acm.org PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 _______________________________________________ tcpm mailing list tcpm@ietf.org https://www1.ietf.org/mailman/listinfo/tcpm
- [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Pekka Savola
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Pekka Savola
- Re: [tcpm] feedcback on tcp-secure-05 Randall Stewart
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Randall Stewart
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Fernando Gont
- RE: [tcpm] feedcback on tcp-secure-05 Fernando Gont
- RE: [tcpm] feedcback on tcp-secure-05 Anantha Ramaiah (ananth)
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- RE: [tcpm] feedcback on tcp-secure-05 Anantha Ramaiah (ananth)
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Ted Faber
- RE: [tcpm] feedcback on tcp-secure-05 Anantha Ramaiah (ananth)
- Re: [tcpm] feedcback on tcp-secure-05 Fernando Gont
- RE: [tcpm] feedcback on tcp-secure-05 Mitesh Dalal (mdalal)
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- RE: [tcpm] feedcback on tcp-secure-05 Anantha Ramaiah (ananth)
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Ted Faber
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Pekka Savola
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Fernando Gont
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Randall Stewart
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05 Fernando Gont
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Fernando Gont
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Ted Faber
- Re: [tcpm] feedcback on tcp-secure-05 Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Ted Faber
- [tcpm] ICMP attacks draft Fernando Gont
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Fernando Gont
- Re: [tcpm] ICMP attacks draft Joe Touch
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Ted Faber
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Fernando Gont
- Re: [tcpm] feedcback on tcp-secure-05: suggested … Ted Faber
- Re: [tcpm] ICMP attacks draft Fernando Gont
- Re: [tcpm] ICMP attacks draft Joe Touch
- Re: [tcpm] ICMP attacks draft Fernando Gont
- Re: [tcpm] ICMP attacks draft Joe Touch