Generic Threats to Routing Protocols
RFC 4593
| Document | Type | RFC - Informational (October 2006; No errata) |
|---|---|---|
| | Authors | Abbie Barbir, Sandra Murphy, Yibin Yang |
| | Last updated | 2015-10-14 |
| | Replaces | draft-beard-rpsec-routing-threats |
| | Stream | Internet Engineering Task Force (IETF) |
| Stream | WG state | (None) |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 4593 (Informational) |
| | Action Holders | (None) |
| | Consensus Boilerplate | Unknown |
| | Telechat date | |
| | Responsible AD | Bill Fenner |
| | Send notices to | (None) |

Network Working Group
Request for Comments: 4593
Category: Informational

A. Barbir, Nortel
S. Murphy, Sparta, Inc.
Y. Yang, Cisco Systems

October 2006

Generic Threats to Routing Protocols

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2006).

Abstract

Routing protocols are subject to attacks that can harm individual users or network operations as a whole. This document provides a description and a summary of generic threats that affect routing protocols in general. This work describes threats, including threat sources and capabilities, threat actions, and threat consequences, as well as a breakdown of routing functions that might be attacked separately.

Barbir, et al. Informational [Page 1]
RFC 4593 Generic Threats to Routing Protocols October 2006

Table of Contents

1. Introduction
2. Routing Functions Overview
3. Generic Routing Protocol Threat Model
3.1. Threat Definitions
3.1.1. Threat Sources
3.1.1.1. Adversary Motivations
3.1.1.2. Adversary Capabilities
3.1.2. Threat Consequences
3.1.2.1. Threat Consequence Scope
3.1.2.2. Threat Consequence Zone
3.1.2.3. Threat Consequence Periods
4. Generally Identifiable Routing Threat Actions
4.1. Deliberate Exposure
4.2. Sniffing
4.3. Traffic Analysis
4.4. Spoofing
4.5. Falsification
4.5.1. Falsifications by Originators
4.5.1.1. Overclaiming
4.5.1.2. Misclaiming
4.5.2. Falsifications by Forwarders
4.5.2.1. Misstatement
4.6. Interference
4.7. Overload
5. Security Considerations
6. References
6.1. Normative References
Appendix A. Acknowledgments
Appendix B. Acronyms

1. Introduction

Routing protocols are subject to threats and attacks that can harm individual users or the network operations as a whole. The document provides a summary of generic threats that affect routing protocols. In particular, this work identifies generic threats to routing protocols that include threat sources, threat actions, and threat consequences. A breakdown of routing functions that might be separately attacked is provided.

This work should be considered a precursor to developing a common set of security requirements for routing protocols. While it is well known that bad, incomplete, or poor implementations of routing protocols may, in themselves, lead to routing problems or failures or may increase the risk of a network's being attacked successfully, these issues are not considered here. This document only considers attacks against robust, well-considered implementations of routing protocols, such as those specified in Open Shortest Path First (OSPF) [4], Intermediate System to Intermediate System (IS-IS) [5][8], RIP [6] and BGP [7].
Attacks against implementation-specific weaknesses and vulnerabilities are out of scope for this document.

The document is organized as follows: Section 2 provides a review of