[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CRACK

To: Dan Harkins <dharkins@xxxxxxxxxxxxxxxxxxx>
Subject: Re: CRACK
From: Yael Dayan <yael@xxxxxxxxxxxx>
Date: Fri, 22 Oct 1999 17:47:16 +0200
Cc: ipsec@xxxxxxxxxxxxxxxxx, ietf-ipsra@xxxxxxxx
List-archive: <http://www.vpnc.org/ietf-ipsra/mail-archive/>
List-unsubscribe: <mailto:ietf-ipsra-request@vpnc.org?body=unsubscribe>
Organization: Radguard
References: <>
Sender: owner-ietf-ipsra@xxxxxxxxxxxxx

Dan,
I think there is some wording missing in the security considerations
section.
I am referring to vulnerabilities to denial of service attacks.
The gateway is required to answer with KE and SIG prior to any knowledge
of who the initiator is.  (The SIG cannot be prepared ahead of time.).
An attacker only needs to know the gateway's address  to launch an attack
that requires very little effort on his behalf.

Yael

Follow-Ups:
- Re: CRACK
  - From: Ari Huttunen

References:
- CRACK
  - From: Dan Harkins

Prev by Date: Re: CRACK
Next by Date: Re: CRACK
Previous by thread: Re: CRACK
Next by thread: Re: CRACK
Index(es):
- Date
- Thread