trust security claims of incoming packets?

To: "'ips@ece.cmu.edu'" <ips@ece.cmu.edu>
Subject: trust security claims of incoming packets?
From: "CAVANNA,VICENTE V (A-Roseville,ex1)" <vince_cavanna@agilent.com>
Date: Wed, 24 Oct 2001 14:45:38 -0600
Cc: "CAVANNA,VICENTE V (A-Roseville,ex1)" <vince_cavanna@agilent.com>, "SHEEHY,DAVE (A-Americas,unix1)" <dave_sheehy@agilent.com>, "ALBERTSON,LYLE (A-PaloAlto,ex1)" <lyle_albertson@agilent.com>
Content-Type: text/plain;charset="iso-8859-1"
Sender: owner-ips@ece.cmu.edu

Most vendors of IPSec components that I have talked to do not verify,
against their local policy database, if an inbound packet has claimed and
been afforded the security processing that the local policy specifies. Doing
this verification may, of course, introduce a performance bottleneck in the
processing of unsecured packets which would be undesireable, as most users
would expect performance not to degrade unless secured packets are being
processed.

If a packet arrives demanding security processing (e.g. has an ESP header)
then, after processing, the local policy is inspected to confirm that the
appropriate processing was applied  but if the packet arrives unsecured  all
security processing is bypassed, trusting instead that the packet was indeed
meant to be insecure. 

This method of handling unsecured packets goes against my interpretation of
the IPSec specs and seems to be a security hole.

What point am I missing that will mitigate my concern?

Thanks.

Vicente Cavanna
Agilent Technologies

Follow-Ups:
- RE: trust security claims of incoming packets?
  - From: "Bill Strahm" <bill@sanera.net>

Prev by Date: Re: iSCSI minimum PDU length
Next by Date: RE: Question
Prev by thread: Re: (iSCSI) Question
Next by thread: RE: trust security claims of incoming packets?
Index(es):
- Date
- Thread

Home

Last updated: Wed Oct 24 18:17:30 2001
7372 messages in chronological order