WO2010133922A1 - Method and apparatus for spoofing an echo reply - Google Patents

Method and apparatus for spoofing an echo reply


Publication number
WO2010133922A1
Authority
WO
WIPO (PCT)
Prior art keywords
echo
echo request
intermediate device
providing
reply
Prior art date
Application number
PCT/IB2009/052154
Other languages
French (fr)
Inventor
Teemu Ilmari Savolainen
Remi Denis-Courmont
Original Assignee
Nokia Corporation
Nokia Inc.
Priority date
Filing date
Publication date
Application filed by Nokia Corporation, Nokia Inc.
Priority to PCT/IB2009/052154
Priority to TW099116339A (TW201132088A)
Publication of WO2010133922A1


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/251 Translation of Internet protocol [IP] addresses between different IP versions
    • H04L61/2514 Translation of Internet protocol [IP] addresses between local and global IP addresses
    • H04L61/256 NAT traversal
    • H04L61/2567 NAT traversal for reachability, e.g. inquiring the address of a correspondent behind a NAT server
    • H04L61/2575 NAT traversal using address mapping retrieval, e.g. simple traversal of user datagram protocol through session traversal utilities for NAT [STUN]
    • H04L61/2592 Translation of Internet protocol [IP] addresses using tunnelling or encapsulation
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L2101/00 Indexing scheme associated with group H04L61/00
    • H04L2101/60 Types of network addresses
    • H04L2101/618 Details of network addresses
    • H04L2101/659 Internet protocol version 6 [IPv6] addresses

Definitions

  • Embodiments of the present invention relate generally to mechanisms that support wireless communications, and, more particularly, relate to a method and apparatus for spoofing an echo reply in accordance with a Teredo tunneling protocol.
  • IPv4 Internet Protocol version 4
  • IPv6 Internet Protocol version 6
  • the Teredo tunneling protocol is part of a transitional solution that may be used to grant connectivity to devices behind, for example, Network Address Translators - Protocol Translators (NAT-PTs) or firewalls.
  • Teredo may provide IPv6 connectivity when a host is behind an IPv4 NAT-PT, but the provided IPv6 connectivity may be behind IPv6 NAT-PT or IPv6 firewall.
  • the NAT-PTs may convert IPv6 messages to IPv4 messages, which can create issues with generating a connection from a Teredo client. Further firewalls may filter the delivery of a response to some Teredo messages.
  • the presence of the NAT-PT or firewall may inhibit the ability of a Teredo host to make a connection to a destination device (e.g., operating as a Teredo client) or the destination device may fail to, or improperly, respond to a request (e.g., an echo request) for a connection.
  • an intermediate device e.g., a NAT-PT device, a firewall device, etc.
  • the intermediate device may be configured to provide a spoofed echo reply to allow performance of additional operations associated with the Teredo tunneling protocol to establish a connection.
  • One example method comprises receiving an echo request from a Teredo host at an intermediate device.
  • the echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol.
  • the example method may also comprise providing an echo reply to the Teredo host for the destination device.
  • the example apparatus comprises at least one processor and at least one memory including computer program code.
  • the at least one memory and the computer program code may be configured to, with the at least one processor, cause the example apparatus or another apparatus to perform various functionality.
  • the example apparatus or the other apparatus may be caused to perform receiving an echo request from a Teredo host at an intermediate device.
  • the echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol.
  • the example apparatus or the other apparatus may also be caused to perform providing an echo reply to the Teredo host for the destination device.
  • Another example embodiment is an example computer program product for an echo reply.
  • the example computer program product comprises at least one computer-readable storage medium having executable computer-readable program code instructions stored therein.
  • the computer-readable program code instructions of the example computer program product are for receiving an echo request from a Teredo host at an intermediate device.
  • the echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a
  • the computer-readable program code instructions may also be for providing an echo reply to the Teredo host for the destination device.
  • the example apparatus includes means for receiving an echo request from a Teredo host at an intermediate device.
  • the echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol.
  • the example apparatus may also include means for providing an echo reply to the Teredo host for the destination device.
  • FIG. 1 illustrates a timing diagram for spoofing an echo reply according to various example embodiments of the present invention.
  • FIG. 2 illustrates a block diagram of an example apparatus for spoofing an echo reply according to various example embodiments of the present invention.
  • FIG. 3 illustrates an example method for spoofing an echo reply according to various example embodiments of the present invention.
  • Teredo tunneling protocol
  • Teredo Tunneling IPv6 over UDP through Network Address Translators (NATs)
  • IETF Internet Engineering Task Force
  • Teredo is an IPv6-over-User Datagram Protocol (UDP)-over-IPv4 tunneling protocol, and is designed to provide session connectivity to IPv6 destination network devices and/or nodes when a Teredo client includes only IPv4 connectivity.
  • UDP User Datagram Protocol
  • a Teredo host may establish a transport session with IPv4 devices in a variety of ways.
  • the Teredo host may simply use IPv4 addressing for itself and an IPv4 destination device to establish a transport session connection.
  • the Teredo host may be configured to operate using IPv6 whenever possible.
  • the Teredo host may utilize a Network Address Translator-
  • NAT64 Network Address Translator 64
  • NAT64 is a replacement protocol for NAT-PT due to issues with NAT-PT as described in "Reasons to
  • NAT-PT Network Address Translator - Protocol Translator
  • a Teredo host may use return-routing. To begin a procedure to establish a transport session connection with a destination device, the Teredo host may address an echo request for a destination device, and send the echo request. Upon sending the echo request, the Teredo host may wait for an echo reply from the destination device before proceeding with the remainder of a transport session connection procedure. If no echo reply is received from the destination device, the Teredo host may assume that the destination device is unreachable.
  • the assumption that a destination device is unreachable due to a failure to receive an echo reply may not be a reliable indication of the availability of a destination device.
  • unnecessary delay and failure to establish needed connections may result. For example, a situation may arise where the destination device has been configured such that echo reply sending has been disabled, but the destination device would nonetheless be available for a transport session connection. As a result, a connection would not be established, even though the destination device may support the connection.
  • the assumption that a destination device is unreachable due to a failure to receive an echo reply may, again, not always be accurate, due to a variety of issues that may arise.
  • the echo request may be sent as an Internet Control Message Protocol version 6 (ICMPv6) echo request, and an ICMPv6 echo reply may be expected from the IPv6 destination device.
  • ICMPv6 Internet Control Message Protocol version 6
  • an IPv6 firewall may be an intermediate device and the IPv6 firewall may block or filter either the ICMPv6 echo request from the Teredo host or the ICMPv6 echo reply from the IPv6 destination device.
  • the IPv6 firewall may prevent the completion of a request-reply operation, and the Teredo host may improperly assume that the IPv6 destination device is unreachable.
  • a Teredo host may address an ICMPv6 echo request for an IPv4 destination device, and send the ICMPv6 echo request.
  • a NAT-PT device may receive the ICMPv6 echo request and convert the ICMPv6 echo request to an Internet Control Message Protocol version 4 (ICMPv4) echo request.
  • the NAT-PT may then forward the ICMPv4 echo request to the IPv4 destination device.
  • an ICMPv4 echo reply from the destination device may not be received.
  • an IPv6 firewall between the Teredo host and the NAT-PT may block or filter the echo request and/or echo reply as described above.
  • an IPv4 firewall may be an intermediate device, and the IPv4 firewall may block or filter either the ICMPv4 echo request from the Teredo host via the NAT-PT, or the ICMPv4 echo reply from the IPv4 destination device.
  • the address conversion by the NAT-PT may be erroneous, and the IPv4 device may never receive the ICMPv4 echo request due to an erroneous address. As such, the completion of a request-reply scheme may be prevented, and the Teredo host may improperly assume that the IPv4 destination device is unreachable.
  • an intermediate device e.g., NAT-PT device or firewall
  • spoof may be used to indicate that the intermediate device responds to an echo request with an echo reply to the Teredo host in a manner that is indistinguishable from an echo reply that would have been provided by the destination device, or the intermediate device responds in a manner that would be expected to originate from the destination device indicating that the Teredo host should continue the connection procedure with the destination device.
  • redundant echo replies from both the destination device and the intermediate device need not have a detrimental impact on the operation of the Teredo host.
  • additional operations during setup of a transport session may provide additional indications, if in fact the destination device is actually unreachable.
  • FIG. 1 is an illustration of an implementation of various example embodiments of the present invention for spoofing an echo reply.
  • the system of FIG. 1 includes a Teredo host 100, an intermediate device 102, and a destination device 104.
  • the Teredo host 100 may be any type of wired or wireless communications device, and may be configured to implement a Teredo tunneling protocol as described above.
  • the intermediate device 102 may be a communications device in a communications path between the Teredo host 100 and the destination device 104.
  • the destination device 104 may be configured to implement a Teredo client and, the destination device 104 may be the communications device that the Teredo host 100 desires to establish a connection with.
  • the Teredo host 100 may send an echo request intended for the destination device.
  • the echo request may be received by the intermediate device 102.
  • the intermediate device 102 may be configured to identify the echo request based on a prefix of an IPv6 source address.
  • the prefix for a Teredo host may be "2001:0000::/32".
  • the intermediate device 102 may provide a spoofed echo reply 154 upon receipt of the echo request.
  • the intermediate device 102 may be configured such that providing the spoofed echo reply is an automatic response to the receipt of an echo request, and triggering criteria for providing the spoofed echo reply need not be considered.
  • a triggering analysis 152 may be undertaken by the intermediate device 102 to determine whether and/or when to provide a spoofed echo reply to the Teredo host 100.
  • the intermediate device 102 may begin a timer when an echo request is received. If an echo reply is not detected by the intermediate device 102 from the destination device prior to expiration of the timer, the intermediate device 102 may be configured to provide a spoofed echo reply at 154 for the destination device 104 to the Teredo host 100.
  • an echo reply from the destination device 104 may be detected by the intermediate device 102 because the intermediate device handles all communications traffic between the Teredo host 100 and the destination device 104.
  • triggering criteria may include an analysis of a number of echo request retries that have been received from the Teredo host 100 directed to the destination device 104.
  • the intermediate device 102 may be configured to maintain (e.g., increment or decrement) a count of the number of echo request retries (an echo request count) from the Teredo host 100 to the destination device 104 within a predetermined period of time. If the number of retries exceeds a predetermined threshold number, the intermediate device 102 may be configured to provide the spoofed echo reply at 154.
  • the parameters of the filtering performed by the firewall may be considered as triggering criteria. For example, if the firewall is set to filter ICMPv4 echo requests/replies and/or ICMPv6 echo requests/replies, the firewall may be configured to provide echo reply spoofing. Additionally, with respect to example embodiments where the intermediate device 102 is a firewall device, situations may arise where a particular firewall device is not always in both the "to" and "from" communication paths, due, for example, to communications routing. In this regard, the firewall device that receives the echo request at 150 may be the firewall device that provides the spoofed echo reply 154. However, in some example embodiments, firewall devices may operate in a collective fashion to detect echo replies from the destination device 104 to possibly avoid generating a spoofed echo reply when an echo reply from the destination device is detected.
  • FIG. 2 illustrates an example embodiment of the present invention in the form of an example apparatus 200 that is configured to perform various aspects of the present invention as described herein.
  • the apparatus 200 may be configured to perform the role of the intermediate device 102 as described with respect to FIG. 1.
  • the apparatus 200 may be configured to operate as a
  • the example apparatus 200 may also be configured to perform example methods of the present invention as described herein, such as those described with respect to FIG. 3.
  • the apparatus 200 may be embodied as, or included as a component of, a communications device with wired or wireless communications capabilities.
  • the apparatus 200 may be, or be included within a server, mainframe, gateway, or other network entity that supports and/or utilizes network communications.
  • the apparatus 200 may include or be included within a computer, or a mobile terminal such as a mobile telephone, a portable digital assistant (PDA), a pager, a mobile television, a gaming device, a mobile computer, a laptop computer, a camera, a video recorder, an audio/video player, a radio, and/or a global positioning system (GPS) device, any combination of the aforementioned, or the like.
  • PDA portable digital assistant
  • GPS global positioning system
  • the example apparatus 200 includes or is otherwise in communication with a processor 205, a memory device 210, a communications interface 215, an echo request receiver 235, and an echo reply spoofer 240.
  • the example apparatus 200 may optionally include a user interface 225.
  • the processor 205 may be embodied as various means implementing various functionality of example embodiments of the present invention including, for example, a microprocessor, a coprocessor, a controller, a special-purpose integrated circuit such as, for example, an ASIC (application specific integrated circuit), an FPGA (field programmable gate array), or a hardware accelerator, processing circuitry or the like.
  • processor 205 may be representative of a plurality of processors operating in concert.
  • the processor 205 may, but need not, include one or more accompanying digital signal processors.
  • the processor 205 is configured to execute instructions stored in the memory device 210 or instructions otherwise accessible to the processor 205.
  • the processor 205 may be an entity capable of performing operations according to embodiments of the present invention while configured accordingly.
  • the processor 205 is embodied as an ASIC, FPGA, or the like, the processor 205 is specifically configured hardware for conducting the operations described herein.
  • the processor 205 is embodied as an executor of instructions stored on a computer-readable storage medium, the instructions specifically configure the processor 205 to perform the algorithms and operations described herein.
  • the processor 205 is a processor of a specific device (e.g., a mobile terminal) configured for employing example embodiments of the present invention by further configuration of the processor 205 via executed instructions for performing the algorithms and operations described herein.
  • the memory device 210 may be one or more computer-readable storage media that may comprise volatile and/or non-volatile memory.
  • the memory device 210 comprises Random Access Memory (RAM) including dynamic and/or static RAM, on-chip or off-chip cache memory, and/or the like.
  • RAM Random Access Memory
  • memory device 210 may comprise non-volatile memory, which may be embedded and/or removable, and may comprise, for example, read-only memory, flash memory, magnetic storage devices (e.g., hard disks, floppy disk drives, magnetic tape, etc.), optical disc drives and/or media, non-volatile random access memory (NVRAM), and/or the like.
  • Memory device 210 may comprise a cache area for temporary storage of data. In this regard, some or all of memory device 210 may be included within the processor 205.
  • the memory device 210 may be configured to store information, data, applications, computer-readable program code instructions, or the like for enabling the processor 205 and the example apparatus 200 to carry out various functions in accordance with example embodiments of the present invention described herein.
  • the memory device 210 could be configured to buffer input data for processing by the processor 205.
  • the memory device 210 may be configured to store instructions for execution by the processor 205.
  • the communication interface 215 may be any device or means embodied in either hardware, a computer program product, or a combination of hardware and a computer program product that is configured to receive and/or transmit data from/to a network and/or any other device or module in communication with the example apparatus 200.
  • Processor 205 may also be configured to facilitate communications via the communications interface by, for example, controlling hardware included within the communications interface 215.
  • the communication interface 215 may comprise, for example, one or more antennas, a transmitter, a receiver, a transceiver and/or supporting hardware, comprising a processor for enabling communications with network 220.
  • the example apparatus 200 may communicate with various other network entities in a device-to-device fashion and/or via indirect communications via a base station, access point, server, gateway, router, or the like.
  • the communications interface 215 may be configured to provide for communications in accordance with any wired or wireless communication standard or communications technique.
  • the communications interface may be configured to communicate in accordance with Ethernet (e.g., IEEE 802.3), token ring (e.g., IEEE 802.4, IEEE 802.5, or the like), Fiber Distributed Data Interface (FDDI), Synchronous Optical Network (SONET), or the like.
  • Ethernet e.g., IEEE 802.3
  • token ring e.g., IEEE 802.4, IEEE 802.5, or the like
  • FDDI Fiber Distributed Data Interface
  • SONET Synchronous Optical Network
  • the communications interface 215 may be configured to support communications in multiple antenna environments, such as multiple input multiple output (MIMO) environments.
  • MIMO multiple input multiple output
  • the communications interface 215 may be configured to support orthogonal frequency division multiplexed (OFDM) signaling.
  • OFDM orthogonal frequency division multiplexed
  • the communications interface 215 may be configured to communicate in accordance with various techniques, such as, second-generation (2G) wireless communication protocols IS-136 (time division multiple access (TDMA)), GSM (global system for mobile communication), IS-95 (code division multiple access (CDMA)), third-generation (3G) wireless communication protocols, such as Universal Mobile Telecommunications System (UMTS), CDMA2000, wideband CDMA (WCDMA) and time division-synchronous CDMA (TD-SCDMA), 3.9 generation (3.9G) wireless communication protocols, such as Evolved Universal Terrestrial Radio
  • communications interface 215 may be configured to provide for communications in accordance with techniques such as, for example, radio frequency (RF), infrared (IrDA) or any of a number of different wireless networking techniques, including WLAN techniques such as IEEE 802.11 (e.g., 802.11a, 802.11b, 802.11g, 802.11n, etc.), wireless local area network (WLAN) protocols, world interoperability for microwave access (WiMAX) techniques such as IEEE 802.16, and/or wireless Personal Area Network (WPAN) techniques such as IEEE 802.15, Bluetooth (BT), low power versions of BT, ultra wideband (UWB), Wibree, Zigbee and/or the like.
  • the communications interface 215 may also be configured to support communications at the network layer, possibly via Internet Protocol (IP).
  • IP Internet Protocol
  • the user interface 225 may be in communication with the processor 205 to receive user input via the user interface 225 and/or to present output to a user as, for example, audible, visual, mechanical or other output indications.
  • the user interface 225 may comprise, for example, a keyboard, a mouse, a joystick, a display (e.g., a touch screen display), a microphone, a speaker, or other input/output mechanisms.
  • the echo request receiver 235 and/or the echo reply spoofer 240 of example apparatus 200 may be any means or device embodied, partially or wholly, in hardware, a computer program product, or a combination of hardware and a computer program product, such as processor 205 implementing stored instructions to configure the example apparatus 200, or a hardware configured processor 205, that is configured to carry out the functions of the echo request receiver 235 and/or the echo reply spoofer 240 as described herein.
  • the processor 205 includes, or controls, the echo request receiver 235 and/or the echo reply spoofer 240.
  • the echo request receiver 235 and/or the echo reply spoofer 240 may be, partially or wholly, embodied as processors similar to, but separate from processor 205.
  • the echo request receiver 235 and/or the echo reply spoofer 240 may be in communication with the processor 205.
  • the echo request receiver 235 and/or the echo reply spoofer 240 may, partially or wholly, reside on differing apparatuses such that some or all of the functionality of the echo request receiver 235 and/or the echo reply spoofer 240 may be performed by a first apparatus, and the remainder of the functionality of the echo request receiver 235 and/or the echo reply spoofer 240 may be performed by one or more other apparatuses.
  • the echo request receiver 235 may be configured to cause the apparatus 200 or another apparatus to perform various functionalities.
  • the echo request receiver 235 may be configured to receive or cause the apparatus 200 to receive an echo request from a
  • the echo request may be intended for a destination device other than the apparatus 200.
  • the apparatus 200 may be an intermediate device.
  • the echo request may be formatted in accordance with a Teredo tunneling protocol.
  • the echo reply spoofer 240 may be configured to cause the apparatus 200 or another apparatus to perform various functionalities.
  • the echo reply spoofer 240 may be configured to provide or cause the apparatus 200 to provide a spoofed echo reply to the Teredo host for the destination device.
  • the spoofed echo reply may be provided merely because an echo request was received, without consideration of triggering criteria.
  • the echo reply spoofer 240 may be configured to provide a spoofed echo reply based on triggering criteria.
  • the echo reply spoofer 240 may be configured to provide the spoofed echo reply in response to triggering criteria such as the failure to detect an echo reply from the destination device prior to expiration of a timer.
  • the timer may have been started when the echo request was received.
  • the echo reply spoofer 240 may be configured to maintain an echo request count in response to receipt of the echo request.
  • the echo reply spoofer 240 may be configured to provide the spoofed echo reply in response to the echo request count exceeding a threshold value for the number of echo request retries received from the Teredo host, possibly within a predetermined duration of time.
  • FIGs. 1 and 3 illustrate one or more flowcharts of example systems, methods, and/or computer program products according to example embodiments of the invention. It will be understood that each block or operation of the flowcharts, and/or combinations of blocks or operations in the flowcharts, can be implemented by various means. Means for implementing the blocks or operations of the flowcharts, combinations of the blocks or operations in the flowchart, or other functionality of example embodiments of the present invention described herein may comprise hardware, and/or a computer program product comprising a computer-readable storage medium having one or more computer program code instructions, program instructions, or executable computer-readable program code instructions stored therein.
  • program code instructions may be stored on a memory device, such as memory devices 210, of an example apparatus, such as example apparatus 200, and executed by a processor, such as the processor 205.
  • any such program code instructions may be loaded onto a computer or other programmable apparatus (e.g., processor 205, memory device 210) from a computer-readable storage medium to produce a particular machine, such that the particular machine becomes a means for implementing the functions specified in the flowcharts' block(s) or operation(s).
  • These program code instructions may also be stored in a computer-readable storage medium that can direct a computer, a processor, or other programmable apparatus to function in a particular manner to thereby generate a particular machine or particular article of manufacture.
  • the instructions stored in the computer-readable storage medium may produce an article of manufacture, where the article of manufacture becomes a means for implementing the functions specified in the flowcharts' block(s) or operation(s).
  • the program code instructions may be retrieved from a computer-readable storage medium and loaded into a computer, processor, or other programmable apparatus to configure the computer, processor, or other programmable apparatus to execute operations to be performed on or by the computer, processor, or other programmable apparatus.
  • Retrieval, loading, and execution of the program code instructions may be performed sequentially such that one instruction is retrieved, loaded, and executed at a time. In some example embodiments, retrieval, loading and/or execution may be performed in parallel such that multiple instructions are retrieved, loaded, and/or executed together.
  • Execution of the program code instructions may produce a computer-implemented process such that the instructions executed by the computer, processor, or other programmable apparatus provide operations for implementing the functions specified in the flowcharts' block(s) or operation(s).
  • execution of instructions associated with the blocks or operations of the flowchart by a processor, or storage of instructions associated with the blocks or operations of the flowcharts in a computer-readable storage medium support combinations of operations for performing the specified functions.
  • one or more blocks or operations of the flowcharts, and combinations of blocks or operations in the flowcharts may be implemented by special purpose hardware-based computer systems and/or processors which perform the specified functions, or combinations of special purpose hardware and program code instructions.
  • FIG. 3 depicts one or more flowcharts of example methods for echo reply spoofing.
  • One example method comprises receiving an echo request from a Teredo host at an intermediate device at 300.
  • the intermediate device may be implementing a NAT-PT and/or a firewall.
  • the echo request may be intended for a destination device other than the intermediate device.
  • the echo request may be formatted in accordance with a Teredo tunneling protocol.
  • the example method may comprise providing a spoofed echo reply to the
  • the spoofed echo reply may be provided merely because an echo request was received, without consideration of any triggering criteria.
  • the example method may analyze and consider triggering criteria at 305 prior to providing a spoofed echo reply.
  • a spoofed echo reply may be provided in response to triggering criteria being a failure to detect an echo reply from the destination device prior to expiration of a timer.
  • the timer may have been started when the echo request was received.
  • the example method may comprise maintaining an echo request count in response to receipt of the echo request, and the spoofed echo reply may be provided in response to the echo request count exceeding a threshold value for the number of echo request retries received from the Teredo host, possibly within a predetermined duration of time.

Abstract

Various methods for spoofing an echo reply are provided. One example method comprises receiving an echo request from a Teredo host at an intermediate device. The echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol. The example method may also comprise providing a spoofed echo reply to the Teredo host for the destination device. Similar and related example methods and example apparatuses are also provided.

Description

METHOD AND APPARATUS FOR SPOOFING AN ECHO REPLY
TECHNICAL FIELD
Embodiments of the present invention relate generally to mechanisms that support wireless communications, and, more particularly, relate to a method and apparatus for spoofing an echo reply in accordance with a Teredo tunneling protocol.
BACKGROUND
Internet Protocol version 4 (IPv4) has experienced widespread implementation for Internet Protocol (IP) communications. Despite the widespread use of IPv4, a more robust protocol was needed to support new requirements for IP communications. In response, Internet Protocol version 6 (IPv6) was defined and introduced as the next step in the evolution of Internet Protocol. However, due to IPv4's widespread use, a transition period has been implemented where IPv4 and IPv6 coexist. As such, various transitional solutions may be required to facilitate communications between IPv4 and IPv6 devices during the transition. However, issues involving the interoperability between these transitional solutions may have negative impact on network performance.
BRIEF SUMMARY
The Teredo tunneling protocol is part of a transitional solution that may be used to grant connectivity to devices behind, for example, Network Address Translators - Protocol Translators (NAT-PTs) or firewalls. Teredo may provide IPv6 connectivity when a host is behind an IPv4 NAT-PT, but the provided IPv6 connectivity may be behind IPv6 NAT-PT or IPv6 firewall. The NAT-PTs may convert IPv6 messages to IPv4 messages, which can create issues with generating a connection from a Teredo client. Further, firewalls may filter the delivery of a response to some Teredo messages. As such, the presence of the NAT-PT or firewall may inhibit the ability of a Teredo host to make a connection to a destination device (e.g., operating as a Teredo client) or the destination device may fail to, or improperly, respond to a request (e.g., an echo request) for a connection. In this regard, an intermediate device (e.g., a NAT-PT device, a firewall device, etc.) may receive an echo request from a Teredo host. To avoid situations where a connection procedure is improperly terminated, the intermediate device may be configured to provide a spoofed echo reply to allow performance of additional operations associated with the Teredo tunneling protocol to establish a connection.
Various example embodiments of the present invention are described herein. One example method comprises receiving an echo request from a Teredo host at an intermediate device. The echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol. The example method may also comprise providing an echo reply to the Teredo host for the destination device.
Another example embodiment is an example apparatus for an echo reply. The example apparatus comprises at least one processor and at least one memory including computer program code. The at least one memory and the computer program code may be configured to, with the at least one processor, cause the example apparatus or another apparatus to perform various functionality. For example, the example apparatus or the other apparatus may be caused to perform receiving an echo request from a Teredo host at an intermediate device. The echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol. The example apparatus or the other apparatus may also be caused to perform providing an echo reply to the Teredo host for the destination device.
Another example embodiment is an example computer program product for an echo reply. The example computer program product comprises at least one computer-readable storage medium having executable computer-readable program code instructions stored therein. The computer-readable program code instructions of the example computer program product are for receiving an echo request from a Teredo host at an intermediate device. The echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol. The computer-readable program code instructions may also be for providing an echo reply to the Teredo host for the destination device.
Another example embodiment is an apparatus for an echo reply. The example apparatus includes means for receiving an echo request from a Teredo host at an intermediate device. The echo request may be intended for a destination device other than the intermediate device, and the echo request may be formatted in accordance with a Teredo tunneling protocol. The example apparatus may also include means for providing an echo reply to the Teredo host for the destination device.
BRIEF DESCRIPTION OF THE DRAWING(S)
Having thus described the invention in general terms, reference will now be made to the accompanying drawings, which are not necessarily drawn to scale, and wherein:
FIG. 1 illustrates a timing diagram for spoofing an echo reply according to various example embodiments of the present invention;
FIG. 2 illustrates a block diagram of an example apparatus for spoofing an echo reply according to various example embodiments of the present invention; and
FIG. 3 illustrates an example method for spoofing an echo reply according to various example embodiments of the present invention.
DETAILED DESCRIPTION
Example embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which some, but not all embodiments of the invention are shown. Indeed, the invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will satisfy applicable legal requirements. Like reference numerals refer to like elements throughout. The terms "data," "content," "information," and similar terms may be used interchangeably, according to some example embodiments of the present invention, to refer to data capable of being transmitted, received, operated on, and/or stored.
Various example embodiments of the present invention operate in accordance with aspects of a Teredo tunneling protocol, such as the Teredo tunneling protocol described in "Teredo: Tunneling IPv6 over UDP through Network Address Translators (NATs)", Internet Engineering Task Force (IETF) Request for Comments 4380, February 2006, which is hereby incorporated by reference in its entirety. Teredo is an IPv6-over-User Datagram Protocol (UDP)-over-IPv4 tunneling protocol, and is designed to provide session connectivity to IPv6 destination network devices and/or nodes when a Teredo client includes only IPv4 connectivity.
A Teredo host may establish a transport session with IPv4 devices in a variety of ways. In a first instance, the Teredo host may simply use IPv4 addressing for itself and an IPv4 destination device to establish a transport session connection. In a second instance, the Teredo host may be configured to operate using IPv6 whenever possible. As such, to connect to IPv4 devices, the Teredo host may utilize a Network Address Translator-Protocol Translator (NAT-PT) device as an intermediate device for address conversion from IPv6 to IPv4, and vice versa. According to various example embodiments, the operation of a NAT-PT device is described in "Network Address Translation - Protocol Translation (NAT-PT)", IETF Request for Comments 2766, February 2000, which is hereby incorporated by reference in its entirety. As such, a NAT-PT device may operate as an IPv6-IPv4 address conversion gateway between IPv6 and IPv4 networks.
As described herein, the operation of a NAT-PT device may alternatively be described as the operation of a Network Address Translator 64 (NAT64) device or another mechanism that provides translation between IPv4 and IPv6, or vice versa. NAT64 is a replacement protocol for NAT-PT due to issues with NAT-PT as described in "Reasons to Move the Network Address Translator - Protocol Translator (NAT-PT) to Historic Status", IETF Request for Comments 4966, July 2007, which is hereby incorporated by reference in its entirety.
Regardless of whether a Teredo host uses IPv6 addressing, possibly implemented through a NAT-PT, or IPv4 direct addressing to locate and identify destination devices and form transport session connections, a Teredo host may use return-routing. To begin a procedure to establish a transport session connection with a destination device, the Teredo host may address an echo request for a destination device, and send the echo request. Upon sending the echo request, the Teredo host may wait for an echo reply from the destination device before proceeding with the remainder of a transport session connection procedure. If no echo reply is received from the destination device, the Teredo host may assume that the destination device is unreachable.
The assumption that a destination device is unreachable due to a failure to receive an echo reply may not be a reliable indication of the availability of a destination device. When the assumption is incorrect, unnecessary delay and failure to establish needed connections may result. For example, a situation may arise where the destination device has been configured such that echo reply sending has been disabled, but the destination device would nonetheless be available for a transport session connection. As a result, a connection would not be established, even though the destination device may support the connection.
Further, when a Teredo host utilizes IPv6 addressing, the assumption that a destination device is unreachable due to a failure to receive an echo reply may, again, not always be an accurate assumption due to a variety of issues that may arise. For example, the echo request may be sent as an Internet Control Message Protocol version 6 (ICMPv6) echo request, and an ICMPv6 echo reply may be expected from the IPv6 destination device. However, an IPv6 firewall may be an intermediate device and the IPv6 firewall may block or filter either the ICMPv6 echo request from the Teredo host or the ICMPv6 echo reply from the IPv6 destination device. As such, the IPv6 firewall may prevent the completion of a request-reply operation, and the Teredo host may improperly assume that the IPv6 destination device is unreachable.
In an IPv6 addressing via a NAT-PT scenario, a Teredo host may address an ICMPv6 echo request for an IPv4 destination device, and send the ICMPv6 echo request. A NAT-PT device may receive the ICMPv6 echo request and convert the ICMPv6 echo request to an Internet Control Message Protocol version 4 (ICMPv4) echo request. The NAT-PT may then forward the ICMPv4 echo request to the IPv4 destination device. However, for a variety of reasons, an ICMPv4 echo reply from the destination device may not be received. For example, an IPv6 firewall between the Teredo host and the NAT-PT may block or filter the echo request and/or echo reply as described above. Alternatively, or additionally, an IPv4 firewall may be an intermediate device, and the IPv4 firewall may block or filter either the ICMPv4 echo request from the Teredo host via the NAT-PT, or the ICMPv4 echo reply from the IPv4 destination device. Alternatively, or additionally, the address conversion by the NAT-PT may be erroneous, and the IPv4 device may never receive the ICMPv4 echo request due to an erroneous address. As such, the completion of a request-reply scheme may be prevented, and the Teredo host may improperly assume that the IPv4 destination device is unreachable.
To remedy the issues described above, according to example embodiments of the present invention, an intermediate device (e.g., NAT-PT device or firewall) may be configured to spoof an echo reply. In this regard, the term spoof may be used to indicate that the intermediate device responds to an echo request with an echo reply to the Teredo host in a manner that is indistinguishable from an echo reply that would have been provided by the destination device, or the intermediate device responds in a manner that would be expected to originate from the destination device indicating that the Teredo host should continue the connection procedure with the destination device.
According to some example embodiments, redundant echo replies from both the destination device and the intermediate device need not have a detrimental impact on the operation of the Teredo host. Further, in some example embodiments, additional operations during setup of a transport session may provide additional indications, if in fact the destination device is actually unreachable.
FIG. 1 is an illustration of an implementation of various example embodiments of the present invention for spoofing an echo reply. The system of FIG. 1 includes a Teredo host 100, an intermediate device 102, and a destination device 104. The Teredo host 100 may be any type of wired or wireless communications device, and may be configured to implement a Teredo tunneling protocol as described above. The intermediate device 102 may be a communications device in a communications path between the Teredo host 100 and the destination device 104. The destination device 104 may be configured to implement a Teredo client and, the destination device 104 may be the communications device that the Teredo host 100 desires to establish a connection with.
At 150, the Teredo host 100 may send an echo request intended for the destination device. The echo request may be received by the intermediate device 102. According to some example embodiments, the intermediate device 102 may be configured to identify the echo request based on a prefix of an IPv6 source address. In this regard, the prefix for a Teredo host may be "2001:0000::/32".
According to some example embodiments, the intermediate device 102 may provide a spoofed echo reply 154 upon receipt of the echo request. In this regard, the intermediate device 102 may be configured such that providing the spoofed echo reply is an automatic response to the receipt of an echo request, and triggering criteria for providing the spoofed echo request need not be considered.
Alternatively, in some example embodiments, a triggering analysis 152 may be undertaken by the intermediate device 102 to determine whether and/or when to provide a spoofed echo reply to the Teredo host 100. According to some example embodiments, the intermediate device 102 may begin a timer when an echo request is received. If an echo reply is not detected by the intermediate device 102 from the destination device prior to expiration of the timer, the intermediate device 102 may be configured to provide a spoofed echo reply at 154 for the destination device 104 to the Teredo host 100. According to some example embodiments, such as when the intermediate device 102 is a NAT-PT device, an echo reply from the destination device 104 may be detected by the intermediate device 102 because the intermediate device handles all communications traffic between the Teredo host 100 and the destination device 104.
Alternatively, or additionally, triggering criteria may include an analysis of a number of echo request retries that have been received from the Teredo host 100 directed to the destination device 104. In this regard, the intermediate device 102 may be configured to maintain (e.g., increment or decrement) a count of the number of echo request retries (an echo request count) from the Teredo host 100 to the destination device 104 within a predetermined period of time. If the number of retries exceeds a predetermined threshold number, the intermediate device 102 may be configured to provide the spoofed echo reply at 154.
In example embodiments where the intermediate device 102 is a firewall device, the parameters of the filtering performed by the firewall may be considered as triggering criteria. For example, if the firewall is set to filter ICMPv4 echo requests/replies and/or ICMPv6 echo requests/replies, the firewall may be configured to provide echo reply spoofing. Additionally, with respect to example embodiments where the intermediate device 102 is a firewall device, situations may arise where a particular firewall device is not always in both the to and from communication paths, due, for example, to communications routing. In this regard, the firewall device that receives the echo request at 150 may be the firewall device that provides the spoofed echo reply 154. However, in some example embodiments, firewall devices may operate in a collective fashion to detect echo replies from the destination device 104 to possibly avoid generating a spoofed echo reply when an echo reply from the destination device is detected.
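The triggering analysis 152 described above (Teredo prefix check, reply timer, echo request retry count) can be modelled as a small state tracker. This is an added example, not code from the patent; the class, method and parameter names and the timeout, threshold and window values are assumptions, since the description gives none.

```python
import ipaddress
from collections import deque
from dataclasses import dataclass, field

# Prefix the description gives for identifying a Teredo host's source address.
TEREDO_PREFIX = ipaddress.ip_network("2001:0000::/32")


def is_teredo_source(addr):
    """True when addr is an IPv6 address inside the Teredo prefix."""
    ip = ipaddress.ip_address(addr)
    return ip.version == 6 and ip in TEREDO_PREFIX


@dataclass
class PendingEcho:
    deadline: float                                  # when the reply timer expires
    requests: deque = field(default_factory=deque)   # request times inside the window


class TriggerAnalysis:
    """Decides whether the intermediate device should answer for the destination.

    All three parameters are assumed values (seconds, count, seconds).
    """

    def __init__(self, reply_timeout=2.0, retry_threshold=2, retry_window=10.0):
        self.reply_timeout = reply_timeout
        self.retry_threshold = retry_threshold
        self.retry_window = retry_window
        self._pending = {}

    @staticmethod
    def _key(host, dst):
        # Normalise so "2001:0:..." and "2001:0000:..." map to the same entry.
        return (ipaddress.ip_address(host), ipaddress.ip_address(dst))

    def on_echo_request(self, host, dst, now):
        """Record an echo request; return True if the retry criterion fires now."""
        if not is_teredo_source(host):
            return False  # not a Teredo host: forward as usual, keep no state
        key = self._key(host, dst)
        state = self._pending.get(key)
        if state is None:
            # Timer starts when the (first) echo request is received.
            state = self._pending[key] = PendingEcho(deadline=now + self.reply_timeout)
        state.requests.append(now)
        # Only requests inside the predetermined period count as retries.
        while now - state.requests[0] > self.retry_window:
            state.requests.popleft()
        retries = len(state.requests) - 1
        if retries > self.retry_threshold:
            del self._pending[key]
            return True
        return False

    def on_echo_reply(self, dst, host):
        """A genuine reply from dst to host was seen: cancel the pending timer."""
        return self._pending.pop(self._key(host, dst), None) is not None

    def expired(self, now):
        """Return (host, dst) pairs whose timer ran out with no genuine reply."""
        due = [k for k, s in self._pending.items() if s.deadline <= now]
        for k in due:
            del self._pending[k]
        return due
```
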
The description provided above and generally herein illustrates example methods, example apparatuses, and example computer program products for spoofing an echo reply.
FIG. 2 illustrates an example embodiment of the present invention in the form of an example apparatus 200 that is configured to perform various aspects of the present invention as described herein. According to various example embodiments, the apparatus 200 may be configured to perform the role of the intermediate device 102 as described with respect to FIG. 1. In this regard, the apparatus 200 may be configured to operate as a NAT-PT device and/or a firewall (e.g., an ICMPv6 firewall, an ICMPv4 filtering firewall, or the like) device. The example apparatus 200 may also be configured to perform example methods of the present invention as described herein, such as those described with respect to FIG. 3.
Referring now to FIG. 2, in some example embodiments, the apparatus 200 may be embodied as, or included as a component of, a communications device with wired or wireless communications capabilities. According to various example embodiments, the apparatus 200 may be, or be included within a server, mainframe, gateway, or other network entity that supports and/or utilizes network communications. In some example embodiments, the apparatus 200 may include or be included within a computer, or a mobile terminal such as a mobile telephone, a portable digital assistant (PDA), a pager, a mobile television, a gaming device, a mobile computer, a laptop computer, a camera, a video recorder, an audio/video player, a radio, and/or a global positioning system (GPS) device, any combination of the aforementioned, or the like.
The example apparatus 200 includes or is otherwise in communication with a processor 205, a memory device 210, a communications interface 215, an echo request receiver 235, and an echo reply spoofer 240. In some embodiments, the example apparatus 200 may optionally include a user interface 225. The processor 205 may be embodied as various means implementing various functionality of example embodiments of the present invention including, for example, a microprocessor, a coprocessor, a controller, a special-purpose integrated circuit such as, for example, an ASIC (application specific integrated circuit), an FPGA (field programmable gate array), or a hardware accelerator, processing circuitry or the like. According to one example embodiment, processor 205 may be representative of a plurality of processors operating in concert. The processor 205 may, but need not, include one or more accompanying digital signal processors. In some example embodiments, the processor 205 is configured to execute instructions stored in the memory device 210 or instructions otherwise accessible to the processor 205. As such, whether configured as hardware or via instructions stored on a computer-readable storage medium, or by a combination thereof, the processor 205 may be an entity capable of performing operations according to embodiments of the present invention while configured accordingly. Thus, in example embodiments where the processor 205 is embodied as an ASIC, FPGA, or the like, the processor 205 is specifically configured hardware for conducting the operations described herein. Alternatively, in example embodiments where the processor 205 is embodied as an executor of instructions stored on a computer-readable storage medium, the instructions specifically configure the processor 205 to perform the algorithms and operations described herein. 
In some example embodiments, the processor 205 is a processor of a specific device (e.g., a mobile terminal) configured for employing example embodiments of the present invention by further configuration of the processor 205 via executed instructions for performing the algorithms and operations described herein.
The memory device 210 may be one or more computer-readable storage media that may comprise volatile and/or non-volatile memory. In some example embodiments, the memory device 210 comprises Random Access Memory (RAM) including dynamic and/or static RAM, on-chip or off-chip cache memory, and/or the like. Further, memory device 210 may comprise non-volatile memory, which may be embedded and/or removable, and may comprise, for example, read-only memory, flash memory, magnetic storage devices (e.g., hard disks, floppy disk drives, magnetic tape, etc.), optical disc drives and/or media, non-volatile random access memory (NVRAM), and/or the like. Memory device 210 may comprise a cache area for temporary storage of data. In this regard, some or all of memory device 210 may be included within the processor 205.
Further, the memory device 210 may be configured to store information, data, applications, computer-readable program code instructions, or the like for enabling the processor 205 and the example apparatus 200 to carry out various functions in accordance with example embodiments of the present invention described herein. For example, the memory device 210 could be configured to buffer input data for processing by the processor 205. Additionally, or alternatively, the memory device 210 may be configured to store instructions for execution by the processor 205. The communication interface 215 may be any device or means embodied in either hardware, a computer program product, or a combination of hardware and a computer program product that is configured to receive and/or transmit data from/to a network and/or any other device or module in communication with the example apparatus 200. Processor 205 may also be configured to facilitate communications via the communications interface by, for example, controlling hardware included within the communications interface 215. In this regard, the communication interface 215 may comprise, for example, one or more antennas, a transmitter, a receiver, a transceiver and/or supporting hardware, comprising a processor for enabling communications with network 220. Via the communication interface 215 and the network 220, the example apparatus 200 may communicate with various other network entities in a device-to-device fashion and/or via indirect communications via a base station, access point, server, gateway, router, or the like.
The communications interface 215 may be configured to provide for communications in accordance with any wired or wireless communication standard or communications technique. For example, the communications interface may be configured to communicate in accordance with Ethernet (e.g., IEEE 802.3), token ring, (e.g., IEEE 802.4, IEEE 802.5, or the like), Fiber Distributed Data Interface (FDDI), Synchronous Optical Network (SONET), or the like. The communications interface 215 may be configured to support communications in multiple antenna environments, such as multiple input multiple output (MIMO) environments. Further, the communications interface 215 may be configured to support orthogonal frequency division multiplexed (OFDM) signaling. In some example embodiments, the communications interface 215 may be configured to communicate in accordance with various techniques, such as, second-generation (2G) wireless communication protocols IS-136 (time division multiple access (TDMA)), GSM (global system for mobile communication), IS-95 (code division multiple access (CDMA)), third-generation (3G) wireless communication protocols, such as Universal Mobile Telecommunications System (UMTS), CDMA2000, wideband CDMA (WCDMA) and time division-synchronous CDMA (TD-SCDMA), 3.9 generation (3.9G) wireless communication protocols, such as Evolved Universal Terrestrial Radio Access Network (E-UTRAN), with fourth-generation (4G) wireless communication protocols, international mobile telecommunications advanced (IMT-Advanced) protocols, Long Term Evolution (LTE) protocols including LTE-advanced, or the like. Further, communications interface 215 may be configured to provide for communications in accordance with techniques such as, for example, radio frequency (RF), infrared (IrDA) or any of a number of different wireless networking techniques, including WLAN techniques such as IEEE 802.11 (e.g., 802.11a, 802.11b, 802.11g, 802.11n, etc.), wireless local area network (WLAN) protocols, world interoperability for microwave access (WiMAX) techniques such as IEEE 802.16, and/or wireless Personal Area Network (WPAN) techniques such as IEEE 802.15, BlueTooth (BT), low power versions of BT, ultra wideband (UWB), Wibree, Zigbee and/or the like. The communications interface 215 may also be configured to support communications at the network layer, possibly via Internet Protocol (IP).
The user interface 225 may be in communication with the processor 205 to receive user input via the user interface 225 and/or to present output to a user as, for example, audible, visual, mechanical or other output indications. The user interface 225 may comprise, for example, a keyboard, a mouse, a joystick, a display (e.g., a touch screen display), a microphone, a speaker, or other input/output mechanisms. The echo request receiver 235 and/or the echo reply spoofer 240 of example apparatus 200 may be any means or device embodied, partially or wholly, in hardware, a computer program product, or a combination of hardware and a computer program product, such as processor 205 implementing stored instructions to configure the example apparatus 200, or a hardware configured processor 205, that is configured to carry out the functions of the echo request receiver 235 and/or the echo reply spoofer 240 as described herein. In an example embodiment, the processor 205 includes, or controls, the echo request receiver 235 and/or the echo reply spoofer 240. The echo request receiver 235 and/or the echo reply spoofer 240 may be, partially or wholly, embodied as processors similar to, but separate from processor 205. In this regard, the echo request receiver 235 and/or the echo reply spoofer 240 may be in communication with the processor 205. In various example embodiments, the echo request receiver 235 and/or the echo reply spoofer 240 may, partially or wholly, reside on differing apparatuses such that some or all of the functionality of the echo request receiver 235 and/or the echo reply spoofer 240 may be performed by a first apparatus, and the remainder of the functionality of the echo request receiver 235 and/or the echo reply spoofer 240 may be performed by one or more other apparatuses.
The echo request receiver 235 may be configured to cause the apparatus 200 or another apparatus to perform various functionalities. The echo request receiver 235 may be configured to receive or cause the apparatus 200 to receive an echo request from a Teredo host. The echo request may be intended for a destination device other than the apparatus 200. In this regard, the apparatus 200 may be an intermediate device. The echo request may be formatted in accordance with a Teredo tunneling protocol.
The echo reply spoofer 240 may be configured to cause the apparatus 200 or another apparatus to perform various functionalities. The echo reply spoofer 235 may be configured to provide or cause the apparatus 200 to provide a spoofed echo reply to the Teredo host for the destination device. In some example embodiments, the spoofed echo reply may be provided merely because an echo request was received, without consideration of triggering criteria. However, in some example embodiments, the echo reply spoofer 240 may be configured to provide a spoofed echo request based on triggering criteria. For example, the echo reply spoofer 240 may be configured to provide the spoofed echo reply in response to triggering criteria such as the failure to detect an echo reply from the destination device prior to expiration of a timer. In this regard, the timer may have been started when the echo request was received. Further, in some example embodiments, the echo reply spoofer 240 may be configured to maintain an echo request count in response to receipt of the echo request. In this regard, the echo reply spoofer 240 may be configured to provide the spoofed echo reply in response to the echo request count exceeding a threshold value for the number of echo request retries received from the Teredo host, possibly within a predetermined duration of time.
FIGs. 1 and 3 illustrate one or more flowcharts of example systems, methods, and/or computer program products according to example embodiments of the invention. It will be understood that each block or operation of the flowcharts, and/or combinations of blocks or operations in the flowcharts, can be implemented by various means. Means for implementing the blocks or operations of the flowcharts, combinations of the blocks or operations in the flowchart, or other functionality of example embodiments of the present invention described herein may comprise hardware, and/or a computer program product comprising a computer-readable storage medium having one or more computer program code instructions, program instructions, or executable computer-readable program code instructions stored therein. In this regard, program code instructions may be stored on a memory device, such as memory devices 210, of an example apparatus, such as example apparatus 200, and executed by a processor, such as the processor 205. As will be appreciated, any such program code instructions may be loaded onto a computer or other programmable apparatus (e.g., processor 205, memory device 210) from a computer-readable storage medium to produce a particular machine, such that the particular machine becomes a means for implementing the functions specified in the flowcharts' block(s) or operation(s). These program code instructions may also be stored in a computer-readable storage medium that can direct a computer, a processor, or other programmable apparatus to function in a particular manner to thereby generate a particular machine or particular article of manufacture. The instructions stored in the computer-readable storage medium may produce an article of manufacture, where the article of manufacture becomes a means for implementing the functions specified in the flowcharts' block(s) or operation(s).
The program code instructions may be retrieved from a computer-readable storage medium and loaded into a computer, processor, or other programmable apparatus to configure the computer, processor, or other programmable apparatus to execute operations to be performed on or by the computer, processor, or other programmable apparatus. Retrieval, loading, and execution of the program code instructions may be performed sequentially such that one instruction is retrieved, loaded, and executed at a time. In some example embodiments, retrieval, loading and/or execution may be performed in parallel such that multiple instructions are retrieved, loaded, and/or executed together. Execution of the program code instructions may produce a computer-implemented process such that the instructions executed by the computer, processor, or other programmable apparatus provide operations for implementing the functions specified in the flowcharts' block(s) or operation(s).
Accordingly, execution of instructions associated with the blocks or operations of the flowchart by a processor, or storage of instructions associated with the blocks or operations of the flowcharts in a computer-readable storage medium, support combinations of operations for performing the specified functions. It will also be understood that one or more blocks or operations of the flowcharts, and combinations of blocks or operations in the flowcharts, may be implemented by special purpose hardware-based computer systems and/or processors which perform the specified functions, or combinations of special purpose hardware and program code instructions.
FIG. 3 depicts one or more flowcharts of example methods for echo reply spoofing. One example method comprises receiving an echo request from a Teredo host at an intermediate device at 300. According to various example embodiments, the intermediate device may be implementing a NAT-PT and/or a firewall. The echo request may be intended for a destination device other than the intermediate device. The echo request may be formatted in accordance with a Teredo tunneling protocol. At 310, the example method may comprise providing a spoofed echo reply to the Teredo host for the destination device. In some example embodiments, the spoofed echo reply may be provided merely because an echo request was received, without consideration of any triggering criteria. However, in some example embodiments, the example method may analyze and consider triggering criteria at 305 prior to providing a spoofed echo reply. For example, a spoofed echo reply may be provided in response to triggering criteria being a failure to detect an echo reply from the destination device prior to expiration of a timer. In this regard, the timer may have been started when the echo request was received. Further, in some example embodiments, the example method may comprise maintaining an echo request count in response to receipt of the echo request, and the spoofed echo reply may be provided in response to the echo request count exceeding a threshold value for the number of echo request retries received from the Teredo host, possibly within a predetermined duration of time.
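The triggering criteria described above for the echo reply spoofer 240 and for block 305 (reply timer and echo request count), sketched as an added example that is not code from the patent. The class and function names, the timeout, threshold and window values, and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

FORWARD = "forward"      # pass the request on toward the destination
SPOOF = "spoof_reply"    # answer the Teredo host on the destination's behalf

@dataclass
class Flow:
    timer_start: float   # timer starts when the first echo request arrives
    request_times: list = field(default_factory=list)
    real_reply_seen: bool = False
    timer_fired: bool = False

class SpoofTrigger:
    """Triggering criteria (block 305) kept per (Teredo host, destination)."""
    def __init__(self, reply_timeout=2.0, retry_threshold=2, retry_window=10.0):
        # Assumed values: the page gives no concrete timeout, threshold or window.
        self.reply_timeout = reply_timeout
        self.retry_threshold = retry_threshold
        self.retry_window = retry_window
        self.flows = {}

    def on_echo_request(self, host, dest, now):
        """Block 300: count the request, then decide how to handle it."""
        flow = self.flows.setdefault((host, dest), Flow(timer_start=now))
        # Count only requests that fall inside the predetermined duration.
        flow.request_times = [t for t in flow.request_times
                              if now - t <= self.retry_window]
        flow.request_times.append(now)
        if flow.real_reply_seen or len(flow.request_times) <= self.retry_threshold:
            return FORWARD   # destination answers, or count is within threshold
        return SPOOF         # echo request count exceeds the threshold

    def on_echo_reply(self, host, dest):
        """A genuine reply from the destination stops spoofing for the flow."""
        flow = self.flows.get((host, dest))
        if flow is not None:
            flow.real_reply_seen = True

    def expired(self, now):
        """Timer criterion: flows with no genuine reply before the timeout."""
        due = []
        for key, flow in self.flows.items():
            if (not flow.real_reply_seen and not flow.timer_fired
                    and now - flow.timer_start >= self.reply_timeout):
                flow.timer_fired = True   # report each flow once
                due.append(key)
        return due

def replay(events, trigger):
    """Feed (time, kind, host, dest) events through the trigger, in order."""
    decisions = []
    for now, kind, host, dest in events:
        decisions += [(now, "timer", key, SPOOF) for key in trigger.expired(now)]
        if kind == "request":
            action = trigger.on_echo_request(host, dest, now)
            decisions.append((now, "request", (host, dest), action))
        elif kind == "reply":
            trigger.on_echo_reply(host, dest)
    return decisions

# Constructed sample: one silent destination (::10), one that answers (::20).
SAMPLE_EVENTS = [
    (0.0, "request", "host-A", "2001:db8::10"),
    (0.5, "request", "host-A", "2001:db8::20"),
    (0.8, "reply",   "host-A", "2001:db8::20"),
    (1.0, "request", "host-A", "2001:db8::10"),
    (2.5, "request", "host-A", "2001:db8::10"),
    (3.0, "request", "host-A", "2001:db8::20"),
]
DECISIONS = replay(SAMPLE_EVENTS, SpoofTrigger())
```

In the sample, the silent destination meets both criteria at t=2.5 (timer expiry and a third request), while the destination that sent a genuine reply is never answered on its behalf.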
Many modifications and other embodiments of the inventions set forth herein will come to mind to one skilled in the art to which these inventions pertain having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is to be understood that the inventions are not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the appended claims. Moreover, although the foregoing descriptions and the associated drawings describe example embodiments in the context of certain example combinations of elements and/or functions, it should be appreciated that different combinations of elements and/or functions may be provided by alternative embodiments without departing from the scope of the appended claims. In this regard, for example, different combinations of elements and/or functions other than those explicitly described above are also contemplated as may be set forth in some of the appended claims.
Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.

Claims

WHAT IS CLAIMED IS:
1. A method comprising: receiving an echo request from a Teredo host at an intermediate device, the echo request being intended for a destination device other than the intermediate device, and the echo request being formatted in accordance with a Teredo tunneling protocol; and providing an echo reply to the Teredo host for the destination device.
2. The method of claim 1, wherein providing the echo reply comprises providing the echo reply based on triggering criteria.
3. The method of claim 1, wherein providing the echo reply comprises providing the echo reply in response to not detecting an echo reply from the destination device prior to expiration of a timer.
4. The method of claim 1 further comprising maintaining an echo request count in response to receipt of the echo request; and wherein providing the echo reply comprises providing the echo reply in response to the echo request count exceeding a threshold value.
5. The method of claim 1, wherein receiving the echo request at the intermediate device comprises receiving the echo request at the intermediate device, the intermediate device implementing a Network Address Translator - Protocol Translator (NAT-PT) to receive the echo request.
6. The method of claim 1, wherein receiving the echo request at the intermediate device comprises receiving the echo request at the intermediate device, the intermediate device implementing a firewall configured to filter an echo request or an echo reply originating at the destination device.
7. An apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus or an other apparatus to perform at least the following: receiving an echo request from a Teredo host at an intermediate device, the echo request being intended for a destination device other than the intermediate device, and the echo request being formatted in accordance with a Teredo tunneling protocol; and providing an echo reply to the Teredo host for the destination device.
8. The apparatus of claim 7, wherein the apparatus or the other apparatus caused to perform providing the echo reply comprises being caused to perform providing the echo reply based on triggering criteria.
9. The apparatus of claim 7, wherein the apparatus or the other apparatus caused to perform providing the echo reply comprises being caused to perform providing the echo reply in response to not detecting an echo reply from the destination device prior to expiration of a timer.
10. The apparatus of claim 7, wherein the apparatus or the other apparatus is further caused to perform maintaining an echo request count in response to receipt of the echo request; and wherein the apparatus or the other apparatus caused to perform providing the echo reply comprises being caused to perform providing the echo reply in response to the echo request count exceeding a threshold value.
11. The apparatus of claim 7, wherein the apparatus or the other apparatus caused to perform receiving the echo request at the intermediate device comprises being caused to perform receiving the echo request at the intermediate device, the intermediate device implementing a Network Address Translator - Protocol Translator (NAT-PT) to receive the echo request.
12. The apparatus of claim 7, wherein the apparatus or the other apparatus is further caused to perform receiving the echo request at the intermediate device comprises being caused receiving the echo request at the intermediate device, the intermediate device implementing a firewall configured to filter an echo request or an echo reply originating at the destination device.
13. The apparatus of claim 7, wherein the apparatus or the other apparatus comprises a network server.
14. A computer program product comprising at least one computer-readable storage medium having executable computer-readable program code instructions stored therein, the computer-readable program code instructions for: receiving an echo request from a Teredo host at an intermediate device, the echo request being intended for a destination device other than the intermediate device, and the echo request being formatted in accordance with a Teredo tunneling protocol; and providing an echo reply to the Teredo host for the destination device.
15. The computer program product of claim 14, wherein the computer-readable program code instructions for providing the echo reply comprise computer-readable program code instructions for providing the echo reply based on triggering criteria.
16. The computer program product of claim 14, wherein the computer-readable program code instructions for providing the echo reply comprise computer-readable program code instructions for providing the echo reply in response to not detecting an echo reply from the destination device prior to expiration of a timer.
17. The computer program product of claim 14, wherein the computer-readable program code instructions further comprise computer-readable program code instructions for maintaining an echo request count in response to receipt of the echo request; and wherein the computer-readable program code instructions for providing the echo reply include computer-readable program code instructions for providing the echo reply in response to the echo request count exceeding a threshold value.
18. The computer program product of claim 14, wherein the computer-readable program code instructions for receiving the echo request at the intermediate device comprise computer-readable program code instructions for receiving the echo request at the intermediate device, the intermediate device implementing a Network Address Translator - Protocol Translator (NAT-PT) to receive the echo request.
19. The computer program product of claim 14, wherein the computer-readable program code instructions for receiving the echo request at the intermediate device comprise computer-readable program code instructions for receiving the echo request at the intermediate device, the intermediate device implementing a firewall configured to filter an echo request or an echo reply originating at the destination device.
20. An apparatus comprising: means for receiving an echo request from a Teredo host at an intermediate device, the echo request being intended for a destination device other than the intermediate device, and the echo request being formatted in accordance with a Teredo tunneling protocol; and means for providing an echo reply to the Teredo host for the destination device.
21. The apparatus of claim 20, wherein means for providing the echo reply comprises means for providing the echo reply based on triggering criteria.

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/IB2009/052154 WO2010133922A1 (en) 2009-05-22 2009-05-22 Method and apparatus for spoofing an echo reply
TW099116339A TW201132088A (en) 2009-05-22 2010-05-21 Method and apparatus for spoofing an echo reply

Publications (1)

Publication Number Publication Date
WO2010133922A1 (en) 2010-11-25

Family

ID=41429344

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2009/052154 WO2010133922A1 (en) 2009-05-22 2009-05-22 Method and apparatus for spoofing an echo reply

Country Status (2)

Country Link
TW (1) TW201132088A (en)
WO (1) WO2010133922A1 (en)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020046348A1 (en) * 2000-07-13 2002-04-18 Brustoloni José C. Method and apparatus for robust NAT interoperation with IPSEC'S IKE and ESP tunnel mode
US20040190549A1 (en) * 2003-03-27 2004-09-30 Christian Huitema Allowing IPv4 clients to communicate over an IPv6 network when behind a network address translator with reduced server workload

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
HUITEMA MICROSOFT C: "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs); rfc4380.txt", IETF STANDARD, INTERNET ENGINEERING TASK FORCE, IETF, CH, 1 February 2006 (2006-02-01), XP015044812, ISSN: 0000-0003 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013050823A1 (en) * 2011-10-06 2013-04-11 Telefonaktiebolaget L M Ericsson (Publ) Test traffic interceptor in a data network
JP2014531866A (en) * 2011-10-06 2014-11-27 テレフオンアクチーボラゲット エル エム エリクソン(パブル) Test traffic interceptor
US9900233B2 (en) 2011-10-06 2018-02-20 Telefonaktiebolaget Lm Ericsson (Publ) Test traffic interceptor

Also Published As

Publication number Publication date
TW201132088A (en) 2011-09-16

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09786404

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09786404

Country of ref document: EP

Kind code of ref document: A1