RE: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures)

From: Dawson, Martin ^lt;Martin.Dawson@andrew.com>
Date: Mon Feb 19 2007 - 22:17:00 EST

That didn't meet the specification of being done "without exploit". We can't address the general problem of the security holes currently in the Internet. The existence of bot nets is a generic Internet problem and the issues go well beyond the domain of location integrity. It has to be addressed - but it should not preclude the existence of integrity mechanisms within the location domain. Cheers, Martin -----Original Message----- From: Henning Schulzrinne [mailto:hgs@cs.columbia.edu] Sent: Tuesday, 20 February 2007 12:19 AM To: Dawson, Martin Cc: Marc Linsner; Brian Rosen; geopriv@ietf.org Subject: Re: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures) Bot nets are currently by far the most common attack vector for DOS attacks and spam; they are rumored to be up to hundreds of thousands of hosts strong, and available for rent. An attacker that would want to disrupt PSAP operations (as opposed to the usual lone prank caller) would need a bot net in any event since otherwise it is too easy, from an attacker's point of view, to filter a few attack hosts by just noting that all calls are coming from the same IP address. As I noted before, we need to be really clear as to whether we're protecting against individual human prank callers or a coordinated bot attack. For the prank caller, an open WiFi network is probably the rough equivalent of today's pay phone as a tool of choice. As long as everyone understands that signed location information doesn't help with these payphone-like attacks, we can discuss the merits of signing. http://en.wikipedia.org/wiki/Botnet has details with sources: "The Dutch police found a 1.5 million node botnet[1] and the Norwegian ISP Telenor disbanded a 10,000 node botnet.[2] Large coordinated international efforts to shutdown botnets have also been initiated.[3] It has been estimated that up to one quarter of all personal computers connected to the internet are part of a botnet.[4]" On Feb 19, 2007, at 1:12 AM, Dawson, Martin wrote: > So how, without exploit, does the attacker launch an arbitrary > number of > calls with signed location objects that appear to come from discrete > devices at a specific location at a specific point in time? > > Cheers, > Martin > ------------------------------------------------------------------------------------------------ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any unauthorized use of this email is prohibited. ------------------------------------------------------------------------------------------------ [mf2]

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Mon, 19 Feb 2007 21:17:00 -0600

This archive was generated by hypermail 2.1.8 : Mon Feb 19 2007 - 22:17:22 EST