Hi Tony,

> -----Original Message-----
> From: Tony Li [mailto:tony...@tony.li]
> Sent: April 6, 2010 12:01
> To: Xu Xiaohu
> Cc: rrg@irtf.org
> Subject: Re: Some concerns about ILNP//:Re: [rrg] Recommendation
>
>
> Hi Xiaohu,
>
> > If so, wouldn't it be used as a way for flooding-attack? For example, one
> > or more malicious hosts could assume an identifier of a target server and
> > initiate sessions to a huge amount of hosts, and these hosts will in turn
> > return their response packets to the target server. If the returning traffic
> > is large, wouldn't the target server be flooded?
>
> Seems like there's no amplification, so I don't see how it's any different
> than a straightforward ping flood. Same situation as today.

In today's Internet, uRPF can be deployed to eliminate such attacks (address spoofing).

> > By the way, how could you conclude the connection is a forgery, rather than
> > a new legitimate one?
>
> Unless I've lost the context of the thread (a distinct possibility), you
> stipulated that it was a forgery.

Sorry, let me clarify my thought. Even if the initiator is a forgery (i.e., it impersonates another host), how could the responder distinguish whether it is a forgery or not?

Best wishes,
Xiaohu

_______________________________________________
rrg mailing list
rrg@irtf.org
http://www.irtf.org/mailman/listinfo/rrg
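
The uRPF check mentioned in the reply above, as an added example that is not part of the original message: a simplified model of strict and loose reverse-path filtering over a constructed forwarding table (prefixes, interface names and packets are all made up for illustration). It shows that strict mode drops a packet whose source claims the target server's address but arrives on a different customer interface, while loose mode lets the same packet through.

```python
import ipaddress

# Constructed forwarding table: (prefix, egress interface). Documentation ranges only.
FIB = [
    ("0.0.0.0/0", "upstream0"),
    ("198.51.100.0/24", "cust1"),
    ("203.0.113.0/24", "cust2"),
]
ROUTES = [(ipaddress.ip_network(p), ifc) for p, ifc in FIB]


def best_route(addr, include_default=True):
    """Longest-prefix match; returns (network, interface) or None."""
    ip = ipaddress.ip_address(addr)
    hits = [(n, i) for n, i in ROUTES
            if ip in n and (include_default or n.prefixlen > 0)]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None


def urpf_accept(src, in_ifc, mode="strict"):
    """strict: the best route back to src must leave via the ingress interface.
    loose: any non-default route to src is enough (assumed: default route ignored)."""
    if mode == "strict":
        route = best_route(src)
        return route is not None and route[1] == in_ifc
    return best_route(src, include_default=False) is not None


# Constructed packets: (source address, ingress interface, note)
PACKETS = [
    ("198.51.100.7", "cust1", "genuine customer host"),
    ("203.0.113.10", "cust1", "cust1 host claiming the target server's address"),
    ("203.0.113.10", "cust2", "the real target server"),
]


def evaluate(mode):
    """Return the accept/drop decision for each constructed packet."""
    return [urpf_accept(src, ifc, mode) for src, ifc, _ in PACKETS]


if __name__ == "__main__":
    for mode in ("strict", "loose"):
        for (src, ifc, note), ok in zip(PACKETS, evaluate(mode)):
            print(f"{mode:6} {src:14} in={ifc:9} {'pass' if ok else 'DROP'}  {note}")
```
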