Re: Gen-ART and OPS-Dir review of draft-wkumari-dhc-capport-13

2015-07-15 16:58:58
Okey dokey, I'm happy to add something.

Does anyone have any suggested text?

W

On Monday, July 13, 2015, Sam Hartman <hartmans-ietf(_at_)mit(_dot_)edu> wrote:

"Warren" == Warren Kumari <warren(_at_)kumari(_dot_)net> writes:

    Warren>    On Saturday, July 11, 2015, Christian Huitema
    Warren>    <huitema(_at_)microsoft(_dot_)com> wrote:

    Warren>      On Saturday, July 11, 2015 8:50 AM, joel jaeggli wrote
    Warren>      >> ...  [5] Section 5:
    Warren>      >>
    Warren>      >> Fake DHCP servers / fake RAs are currently a security concern -
    Warren>      >> this doesn't make them any better or worse.
    Warren>      >>
    Warren>      >> Please cite a reference for this, preferably with operational
    Warren>      >> recommendations on limiting these problems (e.g., ensure that
    Warren>      >> DHCP and RA traffic cannot be injected from outside/beyond the
    Warren>      >> network that is relevant to the portal).

    Warren>      There is definitely an attack vector there. Suppose an attacker
    Warren>      can monitor the traffic, say on an unencrypted Wi-Fi hot spot.
    Warren>      The attacker can see a DHCP request or INFORM, and race in a
    Warren>      fake response with a URL of their own choosing. The mark's
    Warren>      computer automatically connects there and downloads some
    Warren>      zero-day attack.  Bingo!

    Warren>    An attacker with this level of access can already do
    Warren> this. They fake a DHCP response with themselves as the
    Warren> gateway and insert a 302 into any http connection. Or, more
    Warren> likely they simply inject malicious code into some
    Warren> connection.


I'm with Christian.  The attack he describes--injecting a URI--is less
likely in my mind to be noticed than setting up a gateway.  So, I do
consider this a new vector.



-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf
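An added example, not code from this thread or from the draft under review, of the defender-side check joel asks for above: a small Python monitor that parses DHCP replies and flags the race Christian describes, namely a second server identifier answering the same transaction id, or any DHCPOFFER/DHCPACK from a server outside an operator-maintained allowlist. The packet builder, the sample traffic, the addresses and the allowlist are all constructed for the example; the captive-portal option code 160 is the DHCPv4 code later assigned by RFC 7710 and is not taken from this thread.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

# DHCP/BOOTP constants from RFC 2131/2132. OPT_CAPTIVE_PORTAL is the
# DHCPv4 code assigned in RFC 7710 (assumption for this example; the
# thread itself names no option code).
MAGIC_COOKIE = b"\x63\x82\x53\x63"
BOOTREPLY = 2
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255
OPT_CAPTIVE_PORTAL = 160
DHCPOFFER, DHCPACK = 2, 5


def build_dhcp_reply(xid, msg_type, server_id, yiaddr, extra_options=()):
    """Constructed test helper: assemble a minimal BOOTREPLY with options.

    Used only to fabricate sample traffic; a real monitor would read the
    frames off the wire (e.g. from a span port) instead.
    """
    fixed = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                        BOOTREPLY, 1, 6, 0, xid, 0, 0,
                        b"\0" * 4, IPv4Address(yiaddr).packed,
                        b"\0" * 4, b"\0" * 4,
                        b"\0" * 16, b"\0" * 64, b"\0" * 128)
    opts = bytes([OPT_MSG_TYPE, 1, msg_type, OPT_SERVER_ID, 4])
    opts += IPv4Address(server_id).packed
    for code, value in extra_options:
        opts += bytes([code, len(value)]) + value
    return fixed + MAGIC_COOKIE + opts + bytes([OPT_END])


def parse_dhcp(packet):
    """Parse the fixed BOOTP header and the option TLVs of one DHCP message."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op = packet[0]
    xid = struct.unpack_from("!I", packet, 4)[0]
    yiaddr = str(IPv4Address(packet[16:20]))
    options = {}
    i = 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        options[code] = value
        i += 2 + length
    return {"op": op, "xid": xid, "yiaddr": yiaddr, "options": options}


def detect_rogue_replies(packets, authorized_servers):
    """Flag DHCPOFFER/DHCPACK messages a client should not trust: replies
    whose server identifier is outside the allowlist, and a second server
    answering a transaction id that was already answered (the race the
    thread describes). Returns a list of alert strings."""
    alerts = []
    replies_by_xid = defaultdict(set)  # xid -> server identifiers seen
    for packet in packets:
        msg = parse_dhcp(packet)
        mtype = msg["options"].get(OPT_MSG_TYPE, b"")
        if msg["op"] != BOOTREPLY or mtype not in (bytes([DHCPOFFER]), bytes([DHCPACK])):
            continue
        xid = f"0x{msg['xid']:08x}"
        sid_raw = msg["options"].get(OPT_SERVER_ID, b"")
        if len(sid_raw) != 4:
            alerts.append(f"xid={xid}: reply without a valid server identifier")
            continue
        server = str(IPv4Address(sid_raw))
        if server not in authorized_servers:
            portal = msg["options"].get(OPT_CAPTIVE_PORTAL)
            detail = (f" advertising captive portal {portal.decode('ascii', 'replace')}"
                      if portal else "")
            alerts.append(f"xid={xid}: reply from unauthorized server {server}{detail}")
        others = replies_by_xid[msg["xid"]] - {server}
        if others:
            alerts.append(f"xid={xid}: conflicting replies for one transaction "
                          f"from {', '.join(sorted(others))} and {server}")
        replies_by_xid[msg["xid"]].add(server)
    return alerts


# Constructed sample traffic: the real server answers first, then an
# on-link attacker races a second offer carrying its own portal URI.
XID = 0x1234ABCD
LEGIT_OFFER = build_dhcp_reply(XID, DHCPOFFER, "192.0.2.1", "192.0.2.50")
ROGUE_OFFER = build_dhcp_reply(XID, DHCPOFFER, "192.0.2.99", "192.0.2.50",
                               [(OPT_CAPTIVE_PORTAL, b"http://portal.example.net/")])

if __name__ == "__main__":
    for line in detect_rogue_replies([LEGIT_OFFER, ROGUE_OFFER], {"192.0.2.1"}):
        print(line)
```

The monitor only sees what reaches its capture point, so it complements rather than replaces the operational control joel points at: switch-side DHCP snooping and RA Guard, which drop server-side DHCP and RA traffic arriving on ports that are not trusted uplinks, so the fake response never reaches the client in the first place.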