[Date Prev][Date Next] [Chronological] [Thread] [Top]

Details on TCP sequence numbers (RE: C API: minor comments)

To: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>, "'Kurt D. Zeilenga'" <kurt@boolean.net>, Mark Wahl <M.Wahl@INNOSOFT.COM>
Subject: Details on TCP sequence numbers (RE: C API: minor comments)
From: Harald Tveit Alvestrand <Harald@Alvestrand.no>
Date: Tue, 16 Nov 1999 08:08:32 -0500
Cc: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>, mcs@netscape.com, howes@yahoo.com, "Andy Herron (Exchange)" <andyhe@Exchange.Microsoft.com>, "Anoop Anantha (Exchange)" <anoopa@Exchange.Microsoft.com>, kurt@OpenLDAP.Org, ietf-ldapext@netscape.com
In-reply-to: <19398D273324D3118A2B0008C7E9A569051BEAAE@SIT.platinum.corp.microsoft.com>
Resent-date: Mon, 15 Nov 1999 23:24:25 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"htJ-YB.A.AqD.UaQM4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

At 18:07 15.11.99 -0800, Paul Leach (Exchange) wrote:

> If this is a security risk, I suggest adding a security consideration to
> both RFC2251 and this draft stating the applications concerned
> about spoofing should utilize a secure transport.
Use of random initial sequence numbers has been known for a long time to improve the security of TCP against session hijacking attacks, without requiring the use of a secure transport, which will be unavailable for anonymous connections. I see no reason not to recommend it here.

The particular attack being guarded against by TCP random initial sequence numbers is described in RFC 1948; it lets an attacker set up a connection from an IP address other than his own even when he is not able to listen to the packets coming back, so as to be able to (for instance) get a command executed over the Berkeley Remote Shell interface.

It only works for impersonating a client, not impersonating a server.

For the attack to be successful, it depends on:
- Trust being extended on the basis of source IP address
- Initial sequence numbers being badly chosen

It does not seem particularly relevant to LDAP, since:

- LDAP does not rely on IP addresses for authentication (shouldn't, anyway!) - Both strong authentication and secure transport for anonymous clients are available in LDAP (you can use TLS with anon clients just fine - see 99% of the HTTPS out there) - An attack that depends on faking message IDs without the ability to listen in on the channel requires TCP transport hijacking, not just the RFC 1948 attack, since one needs a legitimate user to get past the authentication phase first. This is a lot tougher than the RFC 1948 attack; I'd say it's impossible without being able to listen to at least one direction of traffic, and then LDAP message IDs are available anyway.

Security: the devil is in the details....

                    Harald A


--
Harald Tveit Alvestrand, Maxware, Norway
Harald.Alvestrand@maxware.no

References:
- RE: C API: minor comments
  - From: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>

Prev by Date: RE: AuthzIDs or DNs, but not both
Next by Date: Re: creatorsName/modifiersName referential integrity
Index(es):
- Chronological
- Thread