[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    Re: 2401bis Issue # 75 -- TOS (now ECN) copying in tunnel mode
From:       Charles Lynn <clynn () bbn ! com>
Date:       2003-09-30 12:46:55
[Download RAW message or body]

> Description:
> ============
> The issue was raised that a Trojan Horse "behind" the IPsec 
> implementation could use the TOS field to exfiltrate data.

If the concern is data exfiltration, it seems that there should also be
a way to allow an administrator to restrict the DSCP values that may be
used (by an application) in transport mode (as well as tunnel mode) SAs.
As IPsec moves into hosts (or their NICs), there may not be any SG in
the path that would implement the DSCP mapping policy.

Should those concerned about exfiltration just be advised to require a SG?
(A topic for the Security Considerations section.)

Should data exfiltration in general be a new issue?
[prev in list] [next in list] [prev in thread] [next in thread]