Seems to me that if the "bad guys" can subvert DHCP and DNS servers,
they've already taken over the network. Why would they bother spoofing an
ALTO server? And if they have "admin access to network equipment," the
odds are they're already running the ALTO server.
Did I miss something here? Yes, those are real threats, but they have
nothing to do with ALTO security.
- Wendy
>
>From: Sebastian Kiesel <[email protected]>
>Subject: Re: [alto] Hannes security questions
>>>
>>>Just as an example: Why would someone want to sent a client fake ALTO
>>>information or impersonate a server? What would be their benefit?
>>One reason for spoofing an ALTO server would be to divert clients from
>>legitimate servers to the spoofer's fake server. But I don't see any way
>>a
>>spoofer can do that with the ALTO protocol.
>
>Depending on the network scenario and depending on whether the attacker
>is a "regular user" or has administrative access to the access network
>equipment, one could try sending forged DHCP replies in an Ethernet, try
>some DNS poisoning, install a transparent HTTP proxy that does some
>modifications, etc.
>
_______________________________________________
alto mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/alto
