[Info-vax] DECnet Phase IV and VMS code comments
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Tue Nov 22 14:14:18 EST 2016
On 2016-11-22, Johnny Billquist <bqt at softjar.se> wrote:
> On 2016-11-22 14:21, Simon Clubley wrote:
>>
>> Well, that's one better than VMS manages...
>
> A bit surprising, but on the other hand, this is from the era when
> systems was much more trusting of everything.
>
Which directly leads into my concerns about if the rest of the VMS
networking code could do with some checking to make sure it's suitable
for use in today's more hostile environment.
>>
>> No, that's only part of the story.
>>
>> The routing layer messages in DECnet Phase IV also contain the source
>> DECnet address, and this information is not crosschecked against the
>> Ethernet level frame header in any way that I have been able to detect.
>
> Right. The routing messages as such are not checked for any authority or
> such. Same as RIP under TCP/IP. You just broadcast things, and others
> might accept it.
>
>> VMS DECnet Phase IV appears to use the information in the routing layer
>> message in preference to the Ethernet frame header information and
>> completely trusts the source address field in the routing layer message.
>
> Yeah. But apart from checking the ethernet header (which can be faked
> anyway) against the source DECnet address (which can also be faked),
> there is no identification for authority. Anyone can do this.
> Very easy to fake, and thus mess up routing on all nodes.
>
In case anyone following along is getting confused by the use of the
word routing in the above thread, I should point out that the word
routing applies to the routing layer in DECnet Phase IV which does
two distinct things:
1) It emits standalone packets which contain network configuration
information (such as the endnode hello packets).
2) When higher level layers (ie: NSP) are present in a packet,
routing has various additional data structures, and one of these
routing data structures is always present within those packets.
In both cases, DECnet is trusting the information in the routing
layer data structures much more than it should be.
As an aside, I think that's about it for DECnet. I wonder what
I should look at next ? :-)
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
More information about the Info-vax
mailing list