DENIAL OF SERVICE MEETING
January 14, 1999
3085 ENG II
9:30-10:30 a.m.
TOPICS
Agenda
Useful to look at past?
Projects – NASA, potential one with Nick, others?
Tech: look in protocol description for:
    Protocol limits
    Possible Implementation Bounds
    Others?
What else?
Meeting Time
Mailing List
- NASA Protocols and Infrastructure
- Infinite → Finite
- IDS – test it with Peter
- Site-dependent, server-dependent
- WATCHERS – Routers to DNS
- Theory? T: Doesn’t work out well
- Protocol proofs don’t work – in net, is controlled by enemy
- Can’t assume in network
- Try constrained form?
- Map to covert channels
- Use traditional OS → Correctness problem?
- Network as traffic: Cut off without disconnecting?
- General solution (Tuomas): on Tuomas’ web page.
- Make protocols stateless
- Saves state → information stored → space used
- Covert Channels → Limits → Potential DoS
- Unusual signature? – Nope, Xmas timing,
- Swap Files
- Confine to "bandwidth" or "capacity" – "covert storage channels"
- Virgil Gligor – OS, deadlock detection
- Dick Kemmerer – OS, deadlock detection
- Cost vs. Blocking
- Question: Stateless: Timing DoS problems?
- Question: What is denial of service? Flooding, ping of death, using up bandwidth. Is it 60% availability?
- Traffic from attacker shouldn’t use more resources than traffic from user (T)
- Availability issue regarding policy (D)
- Starr report on LoC web site – boom! (S)
- Propagation DoS
- Military Limits – Go through Hierarchy
- Meeting Time: Wednesdays from 9-10am
- Coda: stateless protocols BAD? Maybe
- Mailing List: Nick, Tuomas, Karl, John, David O’, Steven T., Matt, Mary, Jeff R