Security issues related to the MBONE fall under three broad categories: privacy, net flooding, and unauthorized access.
Privacy means that you may wish to have a conference on the MBONE for which only invited participants may view the content. This can be achieved via standard encryption and user authentication methods, for which provision has been made in the RTP protocol. However, applications still need to be written that provide this kind of privacy, as well as group membership control.
Net Flooding: When you connect to the MBONE, you set yourself up to potentially receive a lot of net traffic. Hackers could be tempted to dump packets to multicast addresses with participants they do not like. Using routers or mrouted, the total multicast traffic could be limited to prevent it from saturating your network, but that only allows the hackers to deny legitimate usage while they hog the bandwidth. Bandwidth limiting schemes that involve user authentication are sorely needed.
The final security risk is that of unauthorized access. Some Unix hosts ignore the IP multicast address and treat received multicast packets just like unicast packets addressed to them. Therefore, services at known port numbers may be accessed via multicast packets, when normally they are inaccessible to the outside world via unicast. This can easily be handled by filtering out known (low) port numbers. Because there are so few multicast applications in circulation, and as most common ones are safe, unauthorized access is not a major concern. However, in the future, as multicast applications proliferate, more robust solutions for preventing unauthorized access will be required.
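The low-port filter mentioned above, sketched as an added example that is not part of the original slides: it inspects a raw IPv4 packet and flags multicast-addressed TCP/UDP traffic aimed at a low port. It assumes "low" means below 1024; the function names, addresses and sample packets are constructed for illustration.

```python
import ipaddress
import struct

MULTICAST_NET = ipaddress.ip_network("224.0.0.0/4")  # IPv4 multicast (class D) range
LOW_PORT_LIMIT = 1024   # assumption: "known (low)" ports means ports below 1024
TCP, UDP = 6, 17        # IP protocol numbers that carry port fields


def should_drop(packet: bytes) -> bool:
    """True if a raw IPv4 packet is multicast-addressed and targets a low TCP/UDP port."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False                      # not IPv4: outside this filter's scope
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes, options included
    if ihl < 20 or len(packet) < ihl + 4:
        return False                      # malformed or too short to hold the ports
    if ipaddress.ip_address(packet[16:20]) not in MULTICAST_NET:
        return False                      # unicast is left to the ordinary rules
    if packet[9] not in (TCP, UDP):
        return False                      # e.g. IGMP, which has no ports
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return False                      # later fragment: no port fields to inspect
    dst_port = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    return dst_port < LOW_PORT_LIMIT


def build_packet(dst: str, proto: int, dst_port: int) -> bytes:
    """Constructed sample: 20-byte IPv4 header plus 8 bytes of transport header."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 16, proto, 0,
                         ipaddress.ip_address("192.0.2.10").packed,
                         ipaddress.ip_address(dst).packed)
    return header + struct.pack("!HHHH", 40000, dst_port, 8, 0)


if __name__ == "__main__":
    samples = [("224.2.0.1", UDP, 111), ("224.2.0.1", UDP, 5004),
               ("239.1.1.1", TCP, 23), ("192.0.2.20", UDP, 111)]
    for dst, proto, port in samples:
        verdict = "drop" if should_drop(build_packet(dst, proto, port)) else "pass"
        print(f"{dst}:{port} proto={proto} -> {verdict}")
```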