Re: [TERNLI] Forwarding corrupt packets

Michael Tuexen <Michael.Tuexen@lurchi.franken.de> Tue, 05 September 2006 05:49 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GKToo-0005o6-87; Tue, 05 Sep 2006 01:49:54 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GKTom-0005o1-TU for ternli@ietf.org; Tue, 05 Sep 2006 01:49:52 -0400
Received: from mail-n.franken.de ([193.175.24.27] helo=ilsa.franken.de) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GKTol-0004lQ-K0 for ternli@ietf.org; Tue, 05 Sep 2006 01:49:52 -0400
Received: from [192.168.1.50] (p508FCA94.dip.t-dialin.net [80.143.202.148]) by ilsa.franken.de (Postfix) with ESMTP id 68C5C245E3; Tue, 5 Sep 2006 07:49:43 +0200 (CEST) (KNF account authenticated via SMTP-AUTH)
In-Reply-To: <44FCC3D5.4020403@isi.edu>
References: <1157097623.3192.34.camel@lap10-c703.uibk.ac.at> <44F83E74.1080603@isi.edu> <1157121036.3192.148.camel@lap10-c703.uibk.ac.at> <44F84AD5.7070307@isi.edu> <1157131227.3192.220.camel@lap10-c703.uibk.ac.at> <44F8780D.9060503@isi.edu> <1157356740.3197.57.camel@lap10-c703.uibk.ac.at> <85C961BE-2B32-4A31-8235-49CCDCF1332D@lurchi.franken.de> <44FC2484.50201@erg.abdn.ac.uk> <EE4E54BA-BCEB-4DD7-86AB-B2A44A24ACD0@lurchi.franken.de> <44FC2CA7.90602@erg.abdn.ac.uk> <57784F3E-B93A-4D49-AEBA-F1124D952302@lurchi.franken.de> <1157390125.3291.43.camel@lap10-c703.uibk.ac.at> <4E862E2A-DF85-47C1-98A1-991F3CB58B27@lurchi.franken.de> <44FCADA1.5040202@isi.edu> <45186152-9613-4C22-92FF-53BCD2B22337@lurchi.franken.de> <44FCC3D5.4020403@isi.edu>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <FC8103E1-1833-46CE-BF31-925890F0BEFB@lurchi.franken.de>
Content-Transfer-Encoding: 7bit
From: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
Subject: Re: [TERNLI] Forwarding corrupt packets
Date: Tue, 5 Sep 2006 07:49:40 +0200
To: Joe Touch <touch@ISI.EDU>
X-Mailer: Apple Mail (2.752.2)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793
Cc: Randall Stewart <rrs@cisco.com>, ternli@ietf.org
X-BeenThere: ternli@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Transport-Enhancing Refinements to the Network Layer Interface <ternli.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ternli>, <mailto:ternli-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/ternli>
List-Post: <mailto:ternli@ietf.org>
List-Help: <mailto:ternli-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ternli>, <mailto:ternli-request@ietf.org?subject=subscribe>
Errors-To: ternli-bounces@ietf.org

Hi Joe,

comments in-line.

Best regards
Michael

On Sep 5, 2006, at 2:24 AM, Joe Touch wrote:

>
>
> Michael Tuexen wrote:
>> Hi Joe,
>>
>> comments in-line.
>>
>> Best regards
>> Michael
>>
>> On Sep 5, 2006, at 12:50 AM, Joe Touch wrote:
>>
>>>
>>>
>>> Michael Tuexen wrote:
>>>> Hi Michael,
>>>>
>>>> see my comments in-line.
>>> ...
>>>> I think we have to consider two cases:
>>>> - An on path attacker....
>>>> - An off path attacker. ...
>>>
>>> Checksums are not protection from attacks.
>> Correct.
>> But the question was could the PKTDRP report be used for an attack.
>
> If it isn't signed, then yes. But that holds for any message.
Correct.
>
>> What
>> I wanted to
>> make clear is the an on path attacker can use it, but he can do this
>> even without PKTDRP.
>> An off path attacker has the same problem as for basic SCTP  
>> without PKTDRP.
>
> Aren't these statements true for any unsigned SCTP message?
Correct. That was my point. SCTP with PKTDRP is not less safe than  
pure SCTP.
>
> Joe
>