Hi Tom, You may be interested in reading this document: http://tools.ietf.org/html/draft-bsd-softwire-stateless-port-index-analysis-00, in particular:
In each analyzed port derivation algorithm, an attacker may implement a redirection loop to detect a significant amount of allowed ports. For all monotonously scattered schemes, the whole Port-Set may be deduced by extrapolation while this is not applicable for contiguous port ranges (because no information about port bounds is leaked in the IPv4-translatable IPv6 address). Cheers, Med >-----Message d'origine----- >De : [email protected] >[mailto:[email protected]] De la part de Tom Taylor >Envoyé : lundi 18 février 2013 17:40 >À : Softwires >Objet : [Softwires] Port set algorithm for LW4o6 > >Would it be possible to specify the same port set algorithm in >LW4o6 as >in MAP-E? This would simplify the description of the unified CPE. The >effect on security of using a deterministic algorithm for the complete >set (but not precluding random assignment within that set) would >probably be minimal. > >Tom Taylor >_______________________________________________ >Softwires mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/softwires > _______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires
