lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140108071047.GB9007@order.stressinduktion.org>
Date:	Wed, 8 Jan 2014 08:10:47 +0100
From:	Hannes Frederic Sowa <hannes@...essinduktion.org>
To:	David Miller <davem@...emloft.net>
Cc:	netdev@...r.kernel.org, eric.dumazet@...il.com,
	johnwheffner@...il.com, steffen.klassert@...unet.com,
	fweimer@...hat.com
Subject: Re: [PATCH net-next v3 1/3] ipv4: introduce ip_dst_mtu_secure and protect forwarding path against pmtu spoofing

On Wed, Jan 08, 2014 at 01:49:40AM -0500, David Miller wrote:
> From: Hannes Frederic Sowa <hannes@...essinduktion.org>
> Date: Wed, 8 Jan 2014 07:13:20 +0100
> 
> > I am sorry..  maybe I am just stupid?
> 
> I thought I was clear about wanting the new behavior to _NOT_ be the
> default.  I thought we agreed on this.

Sorry for not making it clear enough that I changed my mind on this.

I thought that mentioning it in the changelog and after the last
discussion, where I again said that in my opinion this should always be
default behavior unless someone uses a user-space software to discover
MTUs, which normally won't be the case. This is RFC specified and I
never heard a reason why we should do path mtu discovering on a router.
(local connections will still do correct path mtu discovering)

Additionally, given the possible attacks on fragment reassembly, I really
see no point in keeping to use the path mtu for forwarding. The attack
is a new form of the Kaminsky attack on DNS and I think, after it was
shown possible, that this is serious.

I thought I brought all needed arguments last time to make this switch,
I am sorry that I was not stressing these points enough.

I am pretty sure distributions will switch the setting to the mode where
we don't honour path mtu information. This is in fact the only sensible
thing to do.

I personally don't mind the default, I just want the possibility that this can
be documented and people can act accordingly. So I am open for discussion on
the default, but have a strong opinion (and always had) towards not using path
mtu values on forwarding.

Thank you,

  Hannes

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ