The return of T/TCP

Thu, 03/10/2011 - 15:41 by Olivier Bonaventure

In the early 1990s, the T/TCP extension to TCP was proposed to allow hosts to exchange data without being forced to wait until the end of the three-way handshake. Specifications (RFC1379 and RFC1644) and implementations were written, but this TCP extension has never been widely used.

Securing BGP

Thu, 03/10/2011 - 15:10 by Olivier Bonaventure

BGP is one of the key protocols used on the Internet today. Despite its importance, the security of BGP is still a concern. Several solutions to improve the security of BGP have been proposed by the research community:

TCP crypt

Thu, 03/10/2011 - 15:03 by Olivier Bonaventure

Despite its respectable age (the first specification was published in September 1981), TCP is still alive, and researchers and IETFers continue to develop new extensions to improve the protocol. Multipath TCP has received a lot of attention in recent years. Another TCP extension, intended to improve the security of TCP, has been submitted for the next IETF meeting. TCP crypt aims at improving the security of TCP by allowing the use of cryptographic mechanisms to protect the TCP segments.

MPLS autobandwidth

Mon, 03/07/2011 - 15:27 by Olivier Bonaventure

For several years, Cisco routers have included a feature called mpls autobandwidth that allows the router to automatically compute the bandwidth required for an LSP and adjust the reserved bandwidth. This feature seems interesting, but personally I have always feared that it could cause oscillations in a network if the change in reserved bandwidth leads to a change in paths for the concerned LSPs.

TCP's retransmission timeout

Mon, 03/07/2011 - 14:23 by Olivier Bonaventure

The retransmission timeout plays an important role in allowing TCP to recover from segment losses. Over the years, extensions to TCP have been developed to reduce the reliance of TCP on the retransmission timer. Recently, a SIGCOMM paper proposed using microsecond-resolution timers in TCP. A recent IETF draft summarizes the discussions on TCP's retransmission timer, but surprisingly it does not discuss these microsecond-resolution TCP timers.

Controllable per-Flow Load Balancing

Wed, 01/05/2011 - 14:22 by Gregory Detal
Classic load-balancing techniques revisited

Controllable per-Flow Load Balancing (CFLB) is an initiative to revisit current load-balancing techniques. These techniques suffer from the fact that they use hash-based functions to balance packets. This prevents hosts from controlling the path taken by their packets.

CFLB consists of an invertible mechanism that allows sources to easily steer packets over any load-balanced path. The CFLB implementation consists of multiple parts:

* A Linux kernel implementation of the CFLB-router forwarding path.

Hijacking FON users' Facebook & Twitter sessions using Firesheep

Tue, 12/14/2010 - 18:42 by Damien Leroy

In the following video, we show that it is easy (i.e. anybody can do it) to hijack a FON user's sessions (i.e. access his Facebook, Twitter, ... accounts) using a simple Firefox extension. You simply have to be connected to the same access point, which is an open access point in the case of FON and most hotspots.

