
Management Issues in ICMP (Internet Control Message Protocol)

Management Issues in ICMP (Internet Control Message Protocol). Byungchul Park DPNM Lab., CSE, POSTECH Email: fates@postech.ac.kr 2008. 5. 12. Table of Contents. Introduction ICMP functionalities MIB for ICMP Security Vulnerabilities of ICMP Redesign ‘Source Quench’ error report Summary.


Presentation Transcript


  1. Management Issues in ICMP (Internet Control Message Protocol) Byungchul Park DPNM Lab., CSE, POSTECH Email: fates@postech.ac.kr 2008. 5. 12

  2. Table of Contents • Introduction • ICMP functionalities • MIB for ICMP • Security Vulnerabilities of ICMP • Redesign ‘Source Quench’ error report • Summary

  3. Introduction (1/2) • Unreliable IP protocol - “Best Effort” • What will happen if… • A packet cannot find a router toward its final destination • The TTL value reaches 0 • Fragmented packets cannot reach the final destination in time • Network error • A host or router needs some information from other hosts or routers

  4. Introduction (2/2) • Why is ICMP needed? • Lack of functionality in the IP protocol!!! • Unreliable and connectionless datagram delivery • Best-effort delivery service • Lack of error control and lack of assistance mechanisms • No error-reporting and error-correcting mechanisms • Lack of a mechanism for host and management queries → ICMP has been designed to compensate for the above deficiencies

  5. ICMP Functionalities (1/3) [Diagram: ICMP Messages, divided into Error-reporting and Query] • Error reporting: report problems that a router or host may encounter when it processes an IP packet • Query message: get specific information from a router or a host in order to help a host or network management.

  6. ICMP Functionalities (2/3) • ICMPv4

  7. ICMP Functionalities (3/3) • ICMPv6

  8. What are the important things that need to be monitored and controlled?

  9. MIB for ICMP (1/2) • Important functionalities • Error report • Query for network management → Monitoring every ICMP message is meaningful from a network management perspective • Example • Too many “source quench” messages → network congestion?! • Too many “redirection” messages → ICMP attack?!

  10. MIB for ICMPv6 - RFC2466 (2/2) ipv6IfIcmpInMsgs, ipv6IfIcmpInErrors, ipv6IfIcmpInDestUnreachs, ipv6IfIcmpInAdminProhibs, ipv6IfIcmpInTimeExcds, ipv6IfIcmpInParmProblems, ipv6IfIcmpInPktTooBigs, ipv6IfIcmpInEchos, ipv6IfIcmpInEchoReplies, ipv6IfIcmpInRouterSolicits, ipv6IfIcmpInRouterAdvertisements, ipv6IfIcmpInNeighborSolicits, ipv6IfIcmpInNeighborAdvertisements, ipv6IfIcmpInRedirects, ipv6IfIcmpInGroupMembQueries, ipv6IfIcmpInGroupMembResponses, ipv6IfIcmpInGroupMembReductions

  11. More Issues • Simple statistics information is not enough to manage every network problem • ICMP does not correct errors, it simply reports them. • Tracking every error message’s source host is important to correct errors • SNMP and MIB cannot add additional information dynamically → How can we correct errors?

  12. What are existing problems with the protocol? Security Vulnerabilities

  13. Security Vulnerabilities (1/3) • Every ICMP message can be used for network attack • ‘Echo’ and ‘Echo Reply’ messages • Echo requests can be used by an outsider to map our network • ‘Destination Unreachable’ message • Blind connection-reset attack: Send a ‘Protocol unreachable’ message to a client with a spoofed IP address • Path MTU discovery attack: Send a ‘Fragmentation needed’ message to a client (cf. PMTUD mechanism)

  14. Security Vulnerabilities (2/3) • ‘Source Quench’ message • ICMP Source Quench attack: attacker (probably combined with IP spoofing) sends this message in order to make a very effective DoS attack • ‘Redirect’ message • Attacker sends this message to subvert the routing table • ‘Time Exceeded’ message • Attacker can use traceroute to find out which hosts are the routers in our network

  15. Security Vulnerabilities (3/3) • ‘Time Stamp request & reply’ messages • Attacker can use these messages to map our network (alternative to ping) • ‘Address Mask request & reply’ messages • Attacker can use these messages to learn the topology of our network → These vulnerabilities are caused by the lack of an authentication mechanism • Firewall is used for filtering ICMP messages (inbound/outbound) • Authentication mechanism should be integrated into ICMP

  16. What are existing problems with the protocol? If you had to redesign the protocol from scratch, how would you do it differently, considering its manageability?

  17. Source Quench Error (1/3) • Generated if the router or host does not have sufficient buffer space to process the request • Requests the sender to decrease the traffic rate of messages to a router or host (congestion control)

  18. Source Quench Error (2/3) • Problems • A host or router will send a source quench error message for every discarded packet (network overhead) • A host or router cannot determine which host is responsible for network congestion • No mechanism to notify the end of congestion

  19. Source Quench Error (3/3) • Redesign of Source quench error function • A host or router will send a source quench error message for every discarded packet (network overhead) • Sending an error message per source host (What will happen if the error message disappears? I don’t know!) • A host or router cannot determine which host is responsible for network congestion → Using statistics of received datagrams, a host or router can determine the responsible sender • No mechanism to notify the end of congestion → New message type (available bandwidth) is needed

  20. Question?
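
The monitoring idea from slides 9 and 10 (many Source Quench messages suggest congestion, many Redirects suggest an attack) can be checked by turning two polls of the ICMP MIB counters into per-second rates. The following is an added example, not part of the original presentation: `icmpInSrcQuenchs` and `icmpInRedirects` are the ICMPv4 counters from MIB-II (RFC 1213), which the slides do not list, and the thresholds, function names and sample polls are constructed assumptions.

```python
# Added example: thresholds, helper names and sample polls are constructed.
COUNTER32_MOD = 2 ** 32  # an SNMP Counter32 wraps to 0 after 2**32 - 1

# Alert thresholds in messages per second (assumed values; tune per network).
THRESHOLDS = {
    "icmpInSrcQuenchs": (5.0, "possible congestion or Source Quench DoS"),
    "icmpInRedirects": (1.0, "possible ICMP redirect attack"),
    "ipv6IfIcmpInRedirects": (1.0, "possible ICMPv6 redirect attack"),
}


def counter_delta(prev, curr):
    """Difference between two Counter32 readings, allowing one wrap.
    An agent restart also resets counters and is indistinguishable here."""
    return (curr - prev) % COUNTER32_MOD


def icmp_alerts(prev, curr, thresholds=THRESHOLDS):
    """Compare two polls (dicts with 'time' in seconds and 'counters') and
    return (counter, rate_per_sec, reason) for each rate over its threshold."""
    interval = curr["time"] - prev["time"]
    if interval <= 0:
        raise ValueError("polls must be in increasing time order")
    alerts = []
    for name, (limit, reason) in thresholds.items():
        if name not in prev["counters"] or name not in curr["counters"]:
            continue  # the agent does not expose this object
        delta = counter_delta(prev["counters"][name], curr["counters"][name])
        rate = delta / interval
        if rate > limit:
            alerts.append((name, round(rate, 2), reason))
    return alerts


# Constructed sample: two polls 60 s apart; icmpInSrcQuenchs wraps past 2**32.
POLL_1 = {"time": 0, "counters": {
    "icmpInSrcQuenchs": 4294967000, "icmpInRedirects": 12,
    "ipv6IfIcmpInRedirects": 3}}
POLL_2 = {"time": 60, "counters": {
    "icmpInSrcQuenchs": 304, "icmpInRedirects": 30,
    "ipv6IfIcmpInRedirects": 183}}

if __name__ == "__main__":
    for name, rate, reason in icmp_alerts(POLL_1, POLL_2):
        print(f"{name}: {rate}/s -> {reason}")
```

As slide 11 notes, these counters only say that something is happening; they do not identify the source host, so an alert here is a trigger for packet capture or flow analysis rather than a diagnosis.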
