CRIME

From: Alesha R. Adamson (alesha@private)
Date: Tue Apr 01 2003 - 07:51:08 PST

  • Next message: John McHugh: "Re: CRIME bellovin's new rfc and The Evil Bit"

    Here is an excerpt from the RFC:
    
    [ ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt ]
    Network Working Group                                        S. Bellovin
    Request for Comments: 3514                            AT&T Labs Research
    Category: Informational                                     1 April 2003
    
    
                      The Security Flag in the IPv4 Header
    
    Status of this Memo
    
       This memo provides information for the Internet community.  It does
       not specify an Internet standard of any kind.  Distribution of this
       memo is unlimited.
    
    Copyright Notice
    
       Copyright (C) The Internet Society (2003).  All Rights Reserved.
    
    Abstract
    
       Firewalls, packet filters, intrusion detection systems, and the like
       often have difficulty distinguishing between packets that have
       malicious intent and those that are merely unusual.  We define a
       security flag in the IPv4 header as a means of distinguishing the two
       cases.
    
    1. Introduction
    
       Firewalls [CBR03], packet filters, intrusion detection systems, and
       the like often have difficulty distinguishing between packets that
       have malicious intent and those that are merely unusual.  The problem
       is that making such determinations is hard.  To solve this problem,
       we define a security flag, known as the "evil" bit, in the IPv4
       [RFC791] header.  Benign packets have this bit set to 0; those that
       are used for an attack will have the bit set to 1.
    



    This archive was generated by hypermail 2b30 : Tue Apr 01 2003 - 08:46:07 PST