Hello,

As far as I understand, the attack in §2.1 requires that the victim processes 
an IPv4 packet whereby both source and destination are equal to a locally 
assigned address. Any sane IPv4 stack will reject such a packet, unless it 
comes from the loopback.

The user (or 'root') could still inject such a packet. But that amounts to 
shooting oneself in the foot. And this won't have the devastating bandwidth 
escalation effect from the USENIX paper - it will merely waste CPU cycles 
looping back a packet.

The recommendation in §2.1.2 basically states that Teredo relays should not 
exist. That would formally make Teredo an isolated IPv6 island. Then there's 
not much point in Teredo.

As for the attack in §2.2, I think it was already discussed here:
http://www.ietf.org/mail-archive/web/ipv6/current/msg10801.html
But again, it seems to assume the IPv4 stack accepts packets with its own 
source address yet coming from the outside.

> -------- Original Message --------
> Subject: New Version Notification for draft-gont-6man-teredo-loops-00
> Date: Wed,  8 Sep 2010 00:15:31 -0700 (PDT)
> From: IETF I-D Submission Tool <idsubmiss...@ietf.org>
> To: ferna...@gont.com.ar
> 
> 
> A new version of I-D, draft-gont-6man-teredo-loops-00.txt has been
> successfully submitted by Fernando Gont and posted to the IETF repository.
> 
> Filename:      draft-gont-6man-teredo-loops
> Revision:      00
> Title:                 Mitigating Teredo Rooting Loop Attacks
> Creation_date:         2010-09-08
> WG ID:                 Independent Submission
> Number_of_pages: 7
> 
> Abstract:
> Recently, a number of routing loop vulnerabilities were discovered in
> Teredo.  This document specifies a number of security checks to be
> performed by Teredo hosts and Teredo servers such that these
> vulnerabilities are eliminated.
> 
> 
> 
> 
> The IETF Secretariat.
-- 
Rémi Denis-Courmont
http://www.remlab.net/
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
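
The ingress check the message above relies on, as an added sketch that is not part of the original post and is not the code of any real IPv4 stack. It models a host (not a router); the interface names and the documentation-range addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

LOOPBACK_IF = "lo"  # assumed name of the loopback interface


@dataclass(frozen=True)
class Packet:
    src: str          # outer IPv4 source address
    dst: str          # outer IPv4 destination address
    ingress_if: str   # interface the packet arrived on


def validate_ingress(pkt, local_addrs):
    """Return (accepted, reason) for an inbound IPv4 packet on a host."""
    src = ipaddress.IPv4Address(pkt.src)
    dst = ipaddress.IPv4Address(pkt.dst)
    local = {ipaddress.IPv4Address(a) for a in local_addrs}

    # Locally generated traffic: the only path on which src == dst == a
    # local address is legitimate (the self-inflicted case in the message).
    if pkt.ingress_if == LOOPBACK_IF:
        return True, "loopback"
    # Loopback addresses must never appear on a real link.
    if src.is_loopback or dst.is_loopback:
        return False, "martian: loopback address on the wire"
    # The check both attacks depend on being absent: a packet from outside
    # that claims one of our own addresses as its source.
    if src in local:
        return False, "martian: own source address from outside"
    if dst not in local:
        return False, "not addressed to this host"
    return True, "accepted"


# Constructed sample: host owns 192.0.2.10, remote peer is 198.51.100.7.
LOCAL = ["192.0.2.10"]
SAMPLES = [
    Packet("192.0.2.10", "192.0.2.10", "eth0"),   # self-addressed, from outside
    Packet("192.0.2.10", "192.0.2.10", "lo"),     # self-addressed, injected locally
    Packet("198.51.100.7", "192.0.2.10", "eth0"), # ordinary inbound packet
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, "->", validate_ingress(p, LOCAL))
```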
