Re: [Tsvwg] SCTP and ICMP Protocol Unreachable

Stephane Chazelas <Stephane@artesyncp.com> Fri, 22 September 2006 10:24 UTC

Date: Fri, 22 Sep 2006 11:24:06 +0100
From: Stephane Chazelas <Stephane@artesyncp.com>
To: Randall Stewart <rrs@cisco.com>, sctp-impl@cisco.com, Michael Tuexen <Michael.Tuexen@micmac.franken.de>, sctp-impl@external.cisco.com, IETF Transport Area Mailing List <tsvwg@ietf.org>
Subject: Re: [Tsvwg] SCTP and ICMP Protocol Unreachable
Message-ID: <20060922102406.GD28642@artesyncp.com>
Mail-Followup-To: Randall Stewart <rrs@cisco.com>, sctp-impl@cisco.com, Michael Tuexen <Michael.Tuexen@micmac.franken.de>, sctp-impl@external.cisco.com, IETF Transport Area Mailing List <tsvwg@ietf.org>
References: <20060920055135.A30614@openss7.org> <9C48BA4E-7C94-4EF6-B2FD-3AD374552CF3@micmac.franken.de> <20060920120115.A5094@openss7.org> <2FB2577B-5E0D-4565-BD75-C8CFCD924D95@micmac.franken.de> <20060920123634.A6026@openss7.org> <451266D7.9090202@lakerest.net> <20060921132657.GF28221@artesyncp.com> <4512E2ED.8010702@cisco.com> <20060922095157.GC28642@artesyncp.com> <20060922041332.A13611@openss7.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20060922041332.A13611@openss7.org>
User-Agent: mutt-ng/devel-r562 (Linux)

On Fri, Sep 22, 2006 at 04:13:32AM -0600, Brian F. G. Bidulock wrote:
> Stephane,
> 
> Stephane Chazelas wrote:        (Fri, 22 Sep 2006 10:51:57)
> > 
> > http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-sctpthreat-01.txt
> > 
> > 5) is taken care of by the change to the RFC that every address
> > must be confirmed first. So that only heartbeats are sent to the
> > victims
> 
> Well, no.  That was Michael's point (I believe): if you only mark the
> destination unusable you will be sending another nonce-HB to the next
> destination soon.  If you aborted the association in response to the
> ICMP, only one nonce-HB would be sent.  Thus you reintroduce the
> amplification if you mark destinations or ignore ICMP.
[...]

Yes, but in that case the next HB is only sent after a timeout
(getting longer and longer) while in the 6) case, because the
association is aborted immediately, the attacker is able to
cause another HB to be sent straight away.

Another question is: what would be the motive of the attacker?
Can he clog a network that way? An HB would be rather harmless to
the victim, especially if it doesn't support SCTP.

Best regards,
Stephane
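As an added illustration (not part of this thread, and not code from any SCTP implementation), the following script models the heartbeat timing the message above refers to: when an ICMP Protocol Unreachable only marks a destination as unusable, each further heartbeat to it waits one RTO, and that RTO grows under exponential backoff. The RTO.Initial (3 s) and RTO.Max (60 s) values are the defaults listed in RFC 4960 section 15; the retry limit of 8 probes and the rule that a probe is resent once per RTO are simplifying assumptions made here, not something the thread states.

```python
"""Heartbeat probe timing to an unconfirmed SCTP destination under
exponential RTO backoff (constructed example, not from the thread).

Assumptions made for this model:
  * RTO starts at RTO.Initial (3 s), doubles after every unanswered probe
    and is capped at RTO.Max (60 s)  -- RFC 4960 section 15 defaults.
  * A probe is resent once per RTO; after MAX_PROBES unanswered probes the
    destination is given up on.  MAX_PROBES is an assumed value.
"""

RTO_INITIAL = 3.0   # seconds, RFC 4960 default
RTO_MAX = 60.0      # seconds, RFC 4960 default
MAX_PROBES = 8      # assumed retry limit for this model


def heartbeat_schedule(rto_initial=RTO_INITIAL, rto_max=RTO_MAX,
                       max_probes=MAX_PROBES):
    """Return the times (seconds after the first probe) at which heartbeat
    probes leave the sender when the destination never answers and the
    sender only marks it unreachable on ICMP errors."""
    times = []
    t, rto = 0.0, rto_initial
    for _ in range(max_probes):
        times.append(t)
        t += rto
        rto = min(rto * 2, rto_max)   # exponential backoff, capped
    return times


def inter_probe_gaps(schedule):
    """Gaps between consecutive probes; these are the 'longer and longer'
    timeouts the message refers to."""
    return [b - a for a, b in zip(schedule, schedule[1:])]


def probes_within(window, policy):
    """Number of heartbeat probes one triggering event causes within
    `window` seconds under a given ICMP-handling policy.

    'mark'  : ICMP Protocol Unreachable only marks the destination;
              probing continues on the backoff schedule.
    'abort' : the association is torn down on the first ICMP, so a single
              trigger yields exactly one probe (a new trigger is needed
              for every further probe).
    """
    if policy == "abort":
        return 1
    if policy == "mark":
        return sum(1 for t in heartbeat_schedule() if t < window)
    raise ValueError(f"unknown policy {policy!r}")


if __name__ == "__main__":
    sched = heartbeat_schedule()
    print("probe times (s):", sched)
    print("gaps (s):       ", inter_probe_gaps(sched))
    for w in (10, 60, 300):
        print(f"window {w:>3}s: mark={probes_within(w, 'mark')} "
              f"abort={probes_within(w, 'abort')}")
```

Under the 'mark' policy the eight probes are spread over more than three and a half minutes, with gaps of 3, 6, 12, 24, 48, 60 and 60 seconds, so a single trigger cannot produce a burst; under the 'abort' policy each trigger produces one probe immediately, which is the distinction the message draws between the two cases.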