<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
The check ping packets are for detecting spoofing. The malicious
man-in-the-middle already has all the info from Charles simply because
Charles went to his region: UUID, sessionID, secureSessionID, Viewer
EndPoint... everything that we send around to regions. Note that the
info wasn't sniffed, it was given, as we always do. Yeah, what I'm
talking about does not involve sophisticated equipment...<br>
So it can easily launch an agent at WP pretending to be Charles,
spoofing the UDP EndPoint. What it *can't* do is to *receive* the UDP
PingCheck packets that WP sends to that EndPoint. The best it can do
is to send a reply guessing what the seq number might be.<br>
<br>
<br>
Frisby, Adam wrote:
<blockquote
cite="mid:63FAD4F222230A4EA79DE9E8BE664735056D2BDF@winxbeus19.exchange.xchg"
type="cite">
<meta http-equiv="Content-Type" content="text/html; ">
<meta name="Generator" content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="Section1">
<p class="MsoNormal"><span
style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);">I
think the 3 ping check is technically invalid. Anyone capable
of capturing a packet and sniffing a session/securesession ID out of
it, is
quite capable of injecting our check packets in too.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);">Adam<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);"><o:p> </o:p></span></p>
<div
style="border-style: none none none solid; border-color: -moz-use-text-color -moz-use-text-color -moz-use-text-color blue; border-width: medium medium medium 1.5pt; padding: 0cm 0cm 0cm 4pt;">
<div>
<div
style="border-style: solid none none; border-color: rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color; border-width: 1pt medium medium; padding: 3pt 0cm 0cm;">
<p class="MsoNormal"><b><span
style="font-size: 10pt; font-family: "Tahoma","sans-serif"; color: windowtext;"
lang="EN-US">From:</span></b><span
style="font-size: 10pt; font-family: "Tahoma","sans-serif"; color: windowtext;"
lang="EN-US">
<a class="moz-txt-link-abbreviated" href="mailto:opensim-dev-bounces@lists.berlios.de">opensim-dev-bounces@lists.berlios.de</a>
[<a class="moz-txt-link-freetext" href="mailto:opensim-dev-bounces@lists.berlios.de">mailto:opensim-dev-bounces@lists.berlios.de</a>] <b>On Behalf Of </b>Diva
Canto<br>
<b>Sent:</b> Tuesday, 24 February 2009 9:03 PM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:opensim-dev@lists.berlios.de">opensim-dev@lists.berlios.de</a><br>
<b>Subject:</b> Re: [Opensim-dev] User Authentication<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Mike Mazur wrote: <o:p></o:p></p>
<pre>Hi,<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>On Tue, 24 Feb 2009 19:54:16 -0800<o:p></o:p></pre>
<pre>Diva Canto <a moz-do-not-send="true"
href="mailto:diva@metaverseink.com"><diva@metaverseink.com></a> wrote:<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre> <o:p></o:p></pre>
<blockquote style="margin-top: 5pt; margin-bottom: 5pt;">
<pre>* Within a few days: write a simple [optional]<o:p></o:p></pre>
<pre>UserAuthenticationModule along the lines of option a) that does the<o:p></o:p></pre>
<pre>following: upon a NewUserConnection, regions will check with the<o:p></o:p></pre>
<pre>incoming user's User server that the declared user exists and is<o:p></o:p></pre>
<pre>logged into the system.<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
</blockquote>
<pre><o:p> </o:p></pre>
<pre>In a grid a region can be told (via a configuration option) which user<o:p></o:p></pre>
<pre>server to check. What about HG regions? How does an HG region know<o:p></o:p></pre>
<pre>which user server to ping? Is this information supplied by the<o:p></o:p></pre>
<pre>connecting client? If so, what's to prevent a malicious client from<o:p></o:p></pre>
<pre>supplying a user server that will always reply favorably?<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<p class="MsoNormal">The HG region sends that information along when
the user
moves away from the home UGAIM. The user carries along the collection
of URLs
of all of the servers it uses. It's ok if the given User Server @
foobar.com
always says yes -- that's not the problem. The problem we need to
detect is the
user claiming to be from Intel.com or OSGrid.org, when, in fact, isn't.<br>
<br>
<br>
<o:p></o:p></p>
<blockquote style="margin-top: 5pt; margin-bottom: 5pt;">
<pre>Furthermore, upon AddNewClient (which happens<o:p></o:p></pre>
<pre>shortly after), regions will challenge the incoming client with 3 UDP<o:p></o:p></pre>
<pre>Ping messages having random seq numbers, to which the incoming client<o:p></o:p></pre>
<pre>must respond correctly<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
</blockquote>
<pre><o:p> </o:p></pre>
<pre>How does the client know the correct response?<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<p class="MsoNormal" style="margin-bottom: 12pt;">In fiddling with
the client
after talking to Teravus, I discovered a pair of response-reply packets
that
can be initiated from the server. They are StartPingCheck /
CompletePingCheck.
They take a byte as argument. The server sends StartPingCheck(33), the
client
responds with CompletePingCheck(33). Handy.<br>
<br>
<o:p></o:p></p>
</div>
</div>
</div>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
Opensim-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Opensim-dev@lists.berlios.de">Opensim-dev@lists.berlios.de</a>
<a class="moz-txt-link-freetext" href="https://lists.berlios.de/mailman/listinfo/opensim-dev">https://lists.berlios.de/mailman/listinfo/opensim-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>