For those who are interested in the ITRACE BoF, there is a mailing list
[EMAIL PROTECTED] Subscribe by sending the message body
subscribe
to [EMAIL PROTECTED]
---
> ICMP Traceback BOF (itrace)
>
> Thursday, March 30 at 1530-1730
> ===============================
>
> CHAIR: Steve Bellovin <[EMAIL PROTECTED]>
>
> DESCRIPTION:
>
> The purpose of the BoF is to look at a mechanism to help address the
> problem of tracing back denial of service attacks. The suggested
> mechanism is that with low probability (order 1/20,000), a router
> seeing a packet would send to the destination an ICMP message giving
> as much information as it knows about the immediate previous hop of
> that packet. With enough of these messages -- and if one is being
> flooded, by definition there will be a lot of traffic, so that the
> low probabilities will still result in a reasonably complete set of
> traceback packets.
>
> Such a mechanism has other uses as well. It lets people trace down
> the source of accidentally-emitted bogus packets, i.e., those with
> RFC1918 addresses. It helps characterize the reverse path, which
> traceroute does not do.
>
> The output will be a standards-track RFC describing the packet format,
> and the conditions under which it should be sent. Issues include
> authentication, router load, and host load.
>
> AGENDA:
>
> Introduction, motivation 15 min
> Marcus Leech's prototype 20 min
> Open issues list 30 min
> Charter 20 min
>
>
--Steve Bellovin
