|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
From: Andy Davidson <andy@nosignal.org> To: NANOG list <nanog@nanog.org> In-Reply-To: <20091018185247.50967833@opy.nosense.org> Date: Sun, 18 Oct 2009 11:02:23 +0100 Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org On 18 Oct 2009, at 09:22, Mark Smith wrote: > If it's because somebody could start up a rogue router and announce > RAs, I think a rogue DHCPv6 server is (or will be) just as much a > threat, if not more of one - I think it's more likely server OSes > will include DHCPv6 servers than RA "servers". Disagree - rogue offers affect people without a lease, so the impact of an attack is not immediate. Filtering DHCP on v4 is well understood, an update to current operational practice rather than a new system. On 18 Oct 2009, at 09:29, Nathan Ward wrote: > RA is needed to tell a host to use DHCPv6 This is not ideal. Andy
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |