From: Spudboy100@aol.com
Date: Tue May 13 2003 - 23:29:54 MDT
http://news.com.com/2100-1009_3-1001200.html?tag=fd_top
<<Adrian Perrig, an assistant professor at Carnegie Mellon and Yaar's
adviser, said that analyses based on large network simulations of Yaar’s
proposal are promising. "In the case that the (Internet) address is spoofed,
our method wins hands down," he said.
The path-identifier number is stored in a part of network data packets that
is largely unused: the 16-bit Internet Protocol (IP) identification field.
The identifier is used only when network data has been fragmented, which
occurs in less than 10 percent of cases, said Perrig.
One strength of the proposal is its ability to work even when only a fraction
of ISPs--30 percent or more--have adopted the proposal. Moreover, the
proposal shifts the onus for fixing Internet security problems from the
victim to the attacker's ISP because such attacks result in traffic from
parts of the Internet close to the attacker being blocked by the victim’s
server.
AT&T's Bellovin said those two results are what he likes about the plan. "But
I'm worried about something that doesn't work well with fragmentation," he
said, pointing out that many digital subscriber line (DSL) providers used a
technique for network data that increases fragmentation. Such subscribers
could find their Internet connection nearly useless during an attack, if
Yaar's proposal became widely used. >>
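The marking-and-filtering idea described in the quoted article, as an added example that is not part of the original post or the researchers' own code. It assumes each adopting router shifts 2 bits into the 16-bit Identification field (here the low bits of the router's last address octet, a stand-in marking function); all addresses and paths are constructed. It also shows one way the reuse conflicts with fragmentation, since IP reassembly matches fragments on that same field.

```python
BITS_PER_HOP = 2      # assumption: each marking router contributes 2 bits
FIELD_MASK = 0xFFFF   # the 16-bit IP Identification field named in the article

def router_bits(router_addr: str) -> int:
    # Stand-in marking function (assumption): low bits of the router's last octet.
    return int(router_addr.rsplit(".", 1)[1]) & ((1 << BITS_PER_HOP) - 1)

def mark_along_path(ip_id: int, path, deployed) -> int:
    """Identification field after crossing `path`; routers outside
    `deployed` leave it untouched, which models partial ISP adoption."""
    for router in path:
        if router in deployed:
            ip_id = ((ip_id << BITS_PER_HOP) | router_bits(router)) & FIELD_MASK
    return ip_id

def send(src: str, orig_id: int, path, deployed) -> dict:
    return {"src": src, "id": mark_along_path(orig_id, path, deployed)}

class VictimFilter:
    """Drops by path mark, so the claimed source address is never consulted."""
    def __init__(self):
        self.blocked = set()
    def learn_attack(self, packet: dict) -> None:
        self.blocked.add(packet["id"])
    def accept(self, packet: dict) -> bool:
        return packet["id"] not in self.blocked

# Constructed topology (documentation address ranges), eight hops per path.
ATTACK_PATH = [f"198.51.100.{i}" for i in range(1, 9)]
USER_PATH = [f"203.0.113.{i}" for i in range(11, 19)]
ALL_ROUTERS = set(ATTACK_PATH) | set(USER_PATH)

def demo() -> dict:
    victim = VictimFilter()
    victim.learn_attack(send("192.0.2.1", 0x1111, ATTACK_PATH, ALL_ROUTERS))
    spoofed = send("192.0.2.77", 0xBEEF, ATTACK_PATH, ALL_ROUTERS)
    user = send("192.0.2.10", 0x2222, USER_PATH, ALL_ROUTERS)
    # Two separate datagrams from the same user, different original IDs:
    # after marking they share one ID, so their fragments cannot be told apart.
    first = send("192.0.2.10", 0x0001, USER_PATH, ALL_ROUTERS)
    second = send("192.0.2.10", 0x0002, USER_PATH, ALL_ROUTERS)
    return {"spoofed_accepted": victim.accept(spoofed),
            "user_accepted": victim.accept(user),
            "fragment_ids_collide": first["id"] == second["id"],
            "attack_mark": spoofed["id"], "user_mark": user["id"]}

if __name__ == "__main__":
    print(demo())
```

With only some routers in `deployed`, the high bits of the field still carry whatever the sender put there, so only the low bits written by adopting routers identify the path.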
This archive was generated by hypermail 2.1.5 : Tue May 13 2003 - 23:41:28 MDT