Generic Threats to Routing Protocols
RFC 4593
Document Type RFC - Informational (October 2006; No errata)
Last updated 2015-10-14
Replaces draft-beard-rpsec-routing-threats
Stream IETF
Formats plain text pdf htmlized bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4593 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Bill Fenner
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                          A. Barbir
Request for Comments: 4593                                        Nortel
Category: Informational                                        S. Murphy
                                                            Sparta, Inc.
                                                                 Y. Yang
                                                           Cisco Systems
                                                            October 2006

                  Generic Threats to Routing Protocols

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   Routing protocols are subject to attacks that can harm individual
   users or network operations as a whole.  This document provides a
   description and a summary of generic threats that affect routing
   protocols in general.  This work describes threats, including threat
   sources and capabilities, threat actions, and threat consequences, as
   well as a breakdown of routing functions that might be attacked
   separately.

Barbir, et al.               Informational                      [Page 1]
RFC 4593          Generic Threats to Routing Protocols      October 2006

Table of Contents

   1. Introduction ....................................................2
   2. Routing Functions Overview ......................................3
   3. Generic Routing Protocol Threat Model ...........................4
      3.1. Threat Definitions .........................................4
           3.1.1. Threat Sources ......................................4
                  3.1.1.1. Adversary Motivations ......................5
                  3.1.1.2. Adversary Capabilities .....................5
           3.1.2. Threat Consequences .................................7
                  3.1.2.1. Threat Consequence Scope ...................9
                  3.1.2.2. Threat Consequence Zone ...................10
                  3.1.2.3. Threat Consequence Periods ................10
   4. Generally Identifiable Routing Threat Actions ..................11
      4.1. Deliberate Exposure .......................................11
      4.2. Sniffing ..................................................11
      4.3. Traffic Analysis ..........................................12
      4.4. Spoofing ..................................................12
      4.5. Falsification .............................................13
           4.5.1. Falsifications by Originators ......................13
                  4.5.1.1. Overclaiming ..............................13
                  4.5.1.2. Misclaiming ...............................16
           4.5.2. Falsifications by Forwarders .......................16
                  4.5.2.1. Misstatement ..............................16
           4.6. Interference .........................................17
           4.7. Overload .............................................18
   5. Security Considerations ........................................18
   6. References .....................................................18
      6.1. Normative References ......................................18
   Appendix A. Acknowledgments .......................................20
   Appendix B. Acronyms ..............................................20

1.  Introduction

   Routing protocols are subject to threats and attacks that can harm
   individual users or the network operations as a whole.  The document
   provides a summary of generic threats that affect routing protocols.
   In particular, this work identifies generic threats to routing
   protocols that include threat sources, threat actions, and threat
   consequences.  A breakdown of routing functions that might be
   separately attacked is provided.

   This work should be considered a precursor to developing a common set
   of security requirements for routing protocols.  While it is well
   known that bad, incomplete, or poor implementations of routing
   protocols may, in themselves, lead to routing problems or failures or
   may increase the risk of a network's being attacked successfully,
   these issues are not considered here.  This document only considers

Barbir, et al.               Informational                      [Page 2]
RFC 4593          Generic Threats to Routing Protocols      October 2006

   attacks against robust, well-considered implementations of routing
   protocols, such as those specified in Open Shortest Path First (OSPF)
   [4], Intermediate System to Intermediate System (IS-IS) [5][8], RIP
   [6] and BGP [7].  Attacks against implementation-specific weaknesses
   and vulnerabilities are out of scope for this document.

   The document is organized as follows: Section 2 provides a review of
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools