I have a question about the HB.Max.Burst parameter for the LKSCTP
stack. I notice that there is no explicit parameter for this value
and the alternative from RFC 5062 (only one HB per RTT) does not
appear to be implemented either (see excerpt below). The only
limiting factor appears to be max.burst. Am I missing something
obvious or should there be some other form of limiting heartbeats to
mitigate some of the issues outlined in RFC 5062?
6.3. Mitigation Option
To limit the effectiveness of this attack, the new parameter
HB.Max.Burst was introduced in [RFC4960] and an endpoint should:
1) not allow very large cookie lifetimes, even if they are requested.
2) not use larger HB.Max.Burst parameter values than recommended.
Note that an endpoint may decide to send only one Heartbeat per
RTT instead of the maximum (i.e., HB.Max.Burst). An endpoint that
chooses this approach will however slow down detection of
endpoints camping on valid addresses.
3) not use large HEARTBEATs for path confirmation.
Karl
--
To unsubscribe from this list: send the line "unsubscribe linux-sctp" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
