Jürgen Schönwälder via Datatracker wrote:

> I am still struggling with the fact that the constrained Join
> Proxy does allow attackers to send packets to arbitrary link-local
> endpoints. The new security considerations text gives this advice:

Yes, attackers who are already inside the network. They can send to arbitrary destinations on the insecure side of the network. This is not a drive-by attack from an outsider, but an attack of an outsider by an insider.

So there is definitely some kind of exfiltration channel here.

But, if it's an LLN network of low-power radios, then any device can also just send unencrypted traffic on arbitrary channels at arbitrary times. Having a different node (the Join Proxy) send the traffic allows for a certain amount of diversion of origin, and perhaps there is a power savings to the malevolent insider.

If one is running RPL, with RH3 headers, then the attackers can *already* do this kind of thing.

--
Michael Richardson <mcr+IETF@xxxxxxxxxxxx>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide
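The message above frames the Join Proxy's ability to relay packets to arbitrary link-local endpoints as an insider exfiltration or origin-diversion channel. As an added illustration, not part of the draft or of the message, the following audit routine shows what an operator could look for in the proxy's forwarding records: traffic the proxy relays to a destination outside fe80::/10 at all, and a single source driving the proxy to fan out to many distinct link-local endpoints in a short window. The log format, the sample lines, and the thresholds are constructed assumptions for the example; a real proxy implementation will have its own logging.

```python
import ipaddress
from collections import defaultdict

# Link-local prefix: the only destinations a Join Proxy is expected to relay toward.
LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")

# Constructed sample forwarding log (hypothetical format):
#   <timestamp-seconds> <source-address> <relayed-destination> <bytes>
# fe80::1 behaves normally, fe80::2 fans out to five endpoints within seconds,
# and fe80::3 is relayed toward a non-link-local address.
SAMPLE_LOG = """\
1000 fe80::1 fe80::a 60
1001 fe80::1 fe80::a 60
1002 fe80::2 fe80::b 60
1003 fe80::2 fe80::c 60
1004 fe80::2 fe80::d 60
1005 fe80::2 fe80::e 60
1006 fe80::2 fe80::f 60
1007 fe80::3 2001:db8::1 60
"""


def parse_log(text):
    """Parse the constructed log format into (ts, src, dst, nbytes) tuples."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, nbytes = line.split()
        records.append((int(ts), ipaddress.IPv6Address(src),
                        ipaddress.IPv6Address(dst), int(nbytes)))
    return records


def audit_forwarding(records, window=10, max_distinct=3):
    """Return a list of findings over proxy forwarding records.

    - 'non-link-local': the proxy relayed toward an address outside fe80::/10.
    - 'fan-out': one source drove the proxy to more than `max_distinct`
      distinct link-local destinations within `window` seconds
      (one finding per offending source).
    Thresholds are assumptions chosen for the example.
    """
    findings = []
    per_src = defaultdict(list)  # src -> [(ts, dst), ...]
    for ts, src, dst, _ in records:
        if dst not in LINK_LOCAL:
            findings.append({"kind": "non-link-local", "src": str(src),
                             "dst": str(dst), "ts": ts})
        per_src[src].append((ts, dst))

    for src, events in per_src.items():
        events.sort()
        # Slide a window anchored at each event and count distinct destinations.
        for ts, _ in events:
            in_window = {d for t, d in events if ts <= t < ts + window}
            if len(in_window) > max_distinct:
                findings.append({"kind": "fan-out", "src": str(src),
                                 "distinct": len(in_window), "ts": ts})
                break
    return findings


if __name__ == "__main__":
    for f in audit_forwarding(parse_log(SAMPLE_LOG)):
        print(f)
```

The fan-out check is deliberately per-source: a single pledge retrying toward its registrar looks nothing like a host sweeping link-local neighbours through the proxy, and a counter keyed on the proxy alone would blur the two. Non-link-local destinations are flagged unconditionally, since nothing in the join flow requires the proxy to reach them.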
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call