[Info-vax] DECnet Phase IV and VMS code comments
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Sun Nov 27 22:14:04 EST 2016
On 2016-11-25, Johnny Billquist <bqt at softjar.se> wrote:
>
> While you have some half points in here, I feel that this is making more
> out of it than is meaningful.
>
> I can just as easily also pollute the ARP table of any IPv4 host. There
> is no checking of the authenticity of an ARP packet, and if can cause
> traffic to suddenly be redirected elsewhere for all IPv4 traffic you are
> sending out.
>
> I can also easily pollute the routing table of many IPv4 hosts by
> sending bogus RIP packets. There is no authenticity there either. The
> data is just processed, and acted upon.
>
> I fail to see that DECnet have any more problems than IP here. The big
> issue is cleartext usernames and passwords. Something IP protocols also
> have, but in IP those protocols are now considered security problems.
>
> What you have found is that the routing table in DECnet can be
> subverted. I'd consider that very much to be the same kind of problem as
> ARP and RIP in IP.
>
I would say that's an accurate summary with the addition that DECnet
running on a target host trusts information provided by an external
host that is pretending to be the target host.
This also includes a lack of origin address checking by the routing
layer when it's processing LDP messages containing actual NSP data
(although as you pointed out, even though the Connect Init message
will make it's way to the target object and be processed, the connection
will never be fully completed and will eventually timeout).
Anyway, my exploration of DECnet is at an end; I'm currently having
a look at an unrelated part of VMS.
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
More information about the Info-vax
mailing list