[Info-vax] OpenVMS versus Windows/GE Telemetry Control Systems.
David Froble
davef at tsoft-inc.com
Wed Jan 16 22:42:16 EST 2013
Simon Clubley wrote:
> On 2013-01-16, Stephen Hoffman <seaohveh at hoffmanlabs.invalid> wrote:
>> On 2013-01-16 08:44:17 +0000, David Froble said:
>>> As a small example, I've implemented some socket communications. The
>>> socket is basically an open port to the world. But it's under program
>>> control, and what's coming in must meet expectations, or it's flushed
>>> and the connection dropped. Are there ways to defeat such? I have to
>>> say that I don't know, but, I really doubt it.
>> DNS spoofing and routing-level shenanigans can be used for MiTM
>> attacks, and there are other approaches.
>>
>
> David, as a specific example of the above, how do you handle replay
> attacks against this service of yours?
>
> (Or have you determined that replay attacks are not something which is
> relevant to the service being offered?)
>
> Simon.
>
Ya know Simon, you're not very nice. You make me work ....
So, I had to go look up "replay attack" and read about it.
Initially we did not use encryption, but we're now moving to implement
SSL on all external communications. We use certificate validation, so
this should reject any connections that do not have valid certificates
issued by our cert authority. I "think" this will avoid replay attacks,
but perhaps not.
Some of the communications include inventory inquiry, incoming purchase
orders, and such. As for the inventory inquiry, yes, it's additional
work for our systems to perform, but it's minimal overhead. So if
several get duplicated, so what. If it's a storm of connections, then
yes, we'd have a denial of service situation.
In any case, if we used one of the methods to defeat such attacks, we'd
still get the communication requests, so a storm would still be a DoS
attack.
Incoming purchase orders would be an issue; however, our applications
long ago implemented methods to detect and reject duplicate orders.
Still, thank you for the question, I learned something new, even if I
did have to work to do so. See, old dogs can learn something new, every
now and then ....
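The two checks discussed in this message, rejecting a re-sent request at the transport level and rejecting a duplicate purchase order at the application level, as an added illustration that is not code from the thread or from David's system. It assumes a shared HMAC key standing in for the certificate-authenticated channel, and the field names, class names and the five-minute window are hypothetical.

```python
import hmac
import hashlib
import time

WINDOW_SECONDS = 300  # tolerated clock skew / delivery delay (assumed value)


class ReplayGuard:
    """Transport-level replay defence: a timestamp and client-chosen nonce are
    bound to the payload by an HMAC over (timestamp, nonce, body), so a captured
    request cannot be re-sent as-is or re-stamped. Nonces are remembered for
    WINDOW_SECONDS; anything older is rejected as stale, which bounds the cache."""

    def __init__(self, key: bytes, clock=time.time):
        self.key = key
        self.clock = clock  # injectable so tests can use a fixed time
        self.seen = {}      # nonce -> timestamp at which it was first accepted

    def tag(self, ts: int, nonce: str, body: bytes) -> str:
        msg = f"{ts}|{nonce}|".encode() + body
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def check(self, ts: int, nonce: str, body: bytes, tag: str) -> str:
        if not hmac.compare_digest(self.tag(ts, nonce, body), tag):
            return "bad-mac"
        now = int(self.clock())
        if abs(now - ts) > WINDOW_SECONDS:
            return "stale"
        self.seen = {n: t for n, t in self.seen.items() if now - t <= WINDOW_SECONDS}
        if nonce in self.seen:
            return "replay"
        self.seen[nonce] = ts
        return "ok"


class OrderIntake:
    """Application-level duplicate detection, independent of transport replay:
    a re-sent purchase order (fresh nonce, same PO number) is booked only once."""

    def __init__(self, guard: ReplayGuard):
        self.guard = guard
        self.orders = {}  # po_number -> body of the order first accepted

    def submit(self, ts: int, nonce: str, po_number: str, body: bytes, tag: str) -> str:
        # po_number is assumed to be parsed by the caller from the authenticated body
        verdict = self.guard.check(ts, nonce, body, tag)
        if verdict != "ok":
            return verdict
        if po_number in self.orders:
            return "duplicate-order"
        self.orders[po_number] = body
        return "accepted"
```

Note that a request storm still reaches the guard and costs a MAC check per message, which is the denial-of-service point made above; the guard only stops replayed traffic from being acted upon.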