Kiss-o'-death packets?

• Previous message (by thread): Kiss-o'-death packets?
• Next message (by thread): Kiss-o'-death packets?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 6 Oct 2003 Valdis.Kletnieks at vt.edu wrote:
> The problem with a 'kiss-o-death' packet is that it needs to be authenticated.
> Otherwise, you can use spoofed packets to DoS somebody.  How many lines are in
> your root-DNS hints?  And even if we insist on the KoD packet having the query
> ID in it, that's a TINY address space.  I can even feed you spam to force you
> to hit the DNS, trickle you some forged KoD packets, and within a day or so
> make you refuse to talk to any of the root nameservers... (Note that TCP
> connections are a lot more easily dealt with, as the 3-packet handshake adds a
> lot to the security.  However, Wesel's numbers on "98% of the root DNS traffic
> is bogus" indicate that we really need this on the UDP side of the fence as
> well....)

That's why I mentioned the 4-way handshake, and the need for it in many
different protocols. Its authenticated based on the end-to-end
communication, but not on a higher authority (e.g. PKI).  Man in the
middle attacks exist, but MITM could disrupt the communications anyway.

Phase I
   Send IP packet ->

                        <- ICMP GoAway + nonce + header&64 bytes of packet

   Match sent IP packet?
      No -> Ignore
      Duplicate -> Ignore (i.e. received a reply from the "real" host)
      Yes -> Sender is now informed of the possible problem

Phase II
The next phase could be TCP, UDP, SSL, whatever.  I made it ICMP for
simplicity.  In phase II the source (or edge or firewall) confirms
the intention/desire of the destination host to drop the unwanted
packets.

   Send ICMP Block + nonce + header&64 bytes of ICMP GoAway ->

                      Match sent ICMP GoAway?
                         No -> Reply no block
                         Yes -> Reply with block code

                      <- ICMP Block Reply + header&64 bytes of ICMP Block
                         Code (no block, host, protocol, port, source)

   Match sent ICMP Block?
      No -> Ignore
      Yes
        No block -> Ignore
        Block host, protocol, port or source ->
          Locally respond to future packets to host/protocol/port/source
            as Destination Unreachable
          Set dampening timer, remove block when expires

• Previous message (by thread): Kiss-o'-death packets?
• Next message (by thread): Kiss-o'-death packets?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]