RFC 3489:STUN - Simple Traversal of User Datagram ...

RFC-Ref

Previous | Next

Frontpage | Contents | Keywords

STUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs)

1. Applicability Statement

2. Introduction

5. NAT Variations

6. Overview of Operation

7. Message Overview

8. Server Behavior

8.1. Binding Requests

8.2. Shared Secret Requests

9. Client Behavior

9.2. Obtaining a Shared Secret

9.3. Formulating the Binding Request

9.4. Processing Binding Responses

10.1. Discovery Process

10.2. Binding Lifetime Discovery

10.3. Binding Acquisition

11. Protocol Details

11.1. Message Header

11.2. Message Attributes

11.2.1. MAPPED-ADDRESS

11.2.2. RESPONSE-ADDRESS

11.2.3. CHANGED-ADDRESS

11.2.4. CHANGE-REQUEST

11.2.5. SOURCE-ADDRESS

11.2.6. USERNAME

11.2.7. PASSWORD

11.2.8. MESSAGE-INTEGRITY

11.2.9. ERROR-CODE

11.2.10. UNKNOWN-ATTRIBUTES

11.2.11. REFLECTED-FROM

12. Security Considerations

12.1. Attacks on STUN

12.1.1. Attack I: DDOS Against a Target

12.1.2. Attack II: Silencing a Client

12.1.3. Attack III: Assuming the Identity of a Client

12.1.4. Attack IV: Eavesdropping

12.2. Launching the Attacks

12.2.1. Approach I: Compromise a Legitimate STUN Server

12.2.2. Approach II: DNS Attacks

12.2.3. Approach III: Rogue Router or NAT

12.2.4. Approach IV: MITM

12.2.5. Approach V: Response Injection Plus DoS

12.2.6. Approach VI: Duplication

12.3. Countermeasures

12.4. Residual Threats

13. IANA Considerations

14. IAB Considerations

14.1. Problem Definition

14.2. Exit Strategy

14.3. Brittleness Introduced by STUN

14.4. Requirements for a Long Term Solution

14.5. Issues with Existing NAPT Boxes

14.6. In Closing

15. Acknowledgments

16.1. Normative References

16.2. Informative References

17. Authors' Addresses

18. Full Copyright Statement

19. Acknowledgement

Previous | Next

Frontpage | Contents | Keywords

RFC-Ref.org

Sister Sites

Chess-Ref.org
Law-Ref.org
InChI.info
Zvon.org