Home page logo
/

nanog logo nanog mailing list archives

Re: HP IPv6 RA Guard
From: Daniel Espejel <daniel.unam.ipv6 () gmail com>
Date: Mon, 05 Dec 2011 21:35:35 -0600

So,still assuming the fact that attackers will use the same "traditional
ipv4" methods to alter the correct functioning over a network?...Well,
maybe. Toda's IPv6 expertise for some network andmins and security
experts is minimal. So most trainning and understanding before
implementing its a good idea.

For example, the RA-Guard method has a significant vulnerability: It's
not designed to identify a "complex" IPv6-many extension headers formed
packet (F. Gont - 6Networks). Some other security oriented mechanisms
may fail because of the low IPv6 compliance.

Regards.


-- 
Daniel Espejel Pérez
Técnico Académico
D.G.T.I.C. - U.N.A.M.
GT-IPv6 CLARA / GT-IPv6 U.N.A.M.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]