[e2e] Security implications blurring the name/address distinction
Joe Touch
touch at ISI.EDU
Wed Feb 16 08:26:09 PST 2005
David P. Reed wrote:
> Joe -
>
> the classic security community definition of denial of service includes
> TCP RST and PMTU attacks. Neither exposes the content of a message or
> corrupts the content of message - they merely interfere with reliability
> of delivery.
>
> You may want to subdivide "denial of service" into subcategories. But
> ultimately, those attacks deny service. And that's my point.
>
> There is nothing in the classification of security risks that says
> "denial of service" is protocol-independent.
There's a big difference between attacks that overwhelm resources and
ones that kill connections or drop packets.
In my reading of the security community work, DOS tends to focus on the
resource-starvation - by adding new connections, by overwhelming
forrwarding or security processing, by consuming buffers.
The service is denied because of OTHER THINGS going on. They're indirect
attacks on particular connections.
TCP RST and PMTU are direct attacks.
Joe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://www.postel.org/pipermail/end2end-interest/attachments/20050216/92e359cc/signature-0001.bin
More information about the end2end-interest
mailing list