Re: SoC ideas about nping

["Luis M." <luis.mgarc () gmail com>]

Hi Yang,


On 03/25/2010 06:00 AM, GuangLiang Yang wrote:
> And I have two questions.
> 1. Which way should the keys distrubution be runing in? If we just
> make designs simple, entering keys by keyboard both in client and
> server maybe fine. But if conditions is complicated, it's better to
> use TTP(Trusted Third Partner). The TTP can be build in a smple way,
> just with functions of registing, generating keys etc.
>
>   

In my opinion there's no need at all for any third parties, PKI or other
complicated authentication & key management schemes. The thing here is
that, as the Nping Echo Server will echo packets captured from the local
network interface, we have to add a bit of security to prevent attackers
from obtaining potentially sensitive information. (e.g: attacker
connects to nping echo server and says is going to send TCP traffic to
port 23. We certainly don't want the guy to get another user's telnet
session packets).

So the thing is: we need to add some authentication to the protocol but
there is no need for complicated stuff. I think one symmetric key per
nping echo server is enough. However, I may have skipped something so
I'd be glad to hear comments on this.


> 2. And it's better to add one optional byte to QUIT packets header,
> which can identify the type of error. Because the QUIT operation is
> not just used in two conditions described in "2.11 Operation QUIT", it
> will make everything more clearly.
>
>   

You are right. It would be nice to have an error code in QUIT.

Regards,

Luis.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/