[139339] in North American Network Operators' Group
Re: 0day Windows Network Interception Configuration Vulnerability
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon Apr 4 12:16:27 2011
To: "andrew.wallace" <andrew.wallace@rocketmail.com>
In-Reply-To: Your message of "Mon, 04 Apr 2011 08:46:22 PDT."
<21466.42267.qm@web59615.mail.ac4.yahoo.com>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 04 Apr 2011 12:14:56 -0400
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, 04 Apr 2011 08:46:22 PDT, "andrew.wallace" said:
> Someone has recently posted to a mailing list: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080096.html

*yawn* No news, move along, nothing to see. RFC4862, section 6:

   The use of stateless address autoconfiguration and Duplicate Address
   Detection opens up the possibility of several denial-of-service
   attacks. For example, any node can respond to Neighbor Solicitations
   for a tentative address, causing the other node to reject the address
   as a duplicate. A separate document [RFC3756] discusses details
   about these attacks, which can be addressed with the Secure Neighbor
   Discovery protocol [RFC3971]. It should also be noted that [RFC3756]
   points out that the use of IP security is not always feasible
   depending on network environments.

Note that similar text was present in RFC2462, all the way back in Dec 1998.
So somebody's 13 years late to the party.
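
The Duplicate Address Detection denial of service described in the quoted RFC 4862 text leaves a recognisable trace on the link: one station answering DAD probes for many different tentative addresses. The following detection sketch is an added example, not part of the original message; the event tuple format, the time window, the threshold and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict

DAD_WINDOW = 3.0    # seconds after a probe in which a reply counts as a conflict (assumed)
MAX_DEFENDED = 2    # distinct addresses one MAC may plausibly defend (assumed)

# Constructed sample: (time, source MAC, ICMPv6 type, IPv6 source, ND target address)
SAMPLE_EVENTS = [
    (0.0, "aa:aa:aa:00:00:01", "NS", "::", "fe80::1111"),
    (0.2, "de:ad:be:ef:00:99", "NA", "fe80::1111", "fe80::1111"),
    (1.0, "aa:aa:aa:00:00:01", "NS", "::", "fe80::2222"),
    (1.1, "de:ad:be:ef:00:99", "NA", "fe80::2222", "fe80::2222"),
    (2.0, "aa:aa:aa:00:00:02", "NS", "::", "fe80::3333"),
    (2.3, "de:ad:be:ef:00:99", "NS", "::", "fe80::3333"),
    (5.0, "aa:aa:aa:00:00:03", "NS", "::", "fe80::4444"),
    (5.4, "bb:bb:bb:00:00:07", "NA", "fe80::4444", "fe80::4444"),  # one real duplicate
    (9.0, "aa:aa:aa:00:00:04", "NS", "fe80::5", "fe80::6"),  # address resolution, not DAD
    (9.1, "aa:aa:aa:00:00:06", "NA", "fe80::6", "fe80::6"),
]

def dad_conflicts(events, window=DAD_WINDOW):
    """Yield (responder MAC, target) for each message that fails someone's DAD probe."""
    open_probes = {}  # target -> (probe time, prober MAC)
    for ts, mac, kind, ip_src, target in sorted(events):
        # A DAD probe is a Neighbor Solicitation sent from the unspecified address.
        is_dad_ns = kind == "NS" and ip_src == "::"
        probe = open_probes.get(target)
        live = probe is not None and ts - probe[0] <= window
        # Per RFC 4862, an NA for the target, or a DAD NS for it from another
        # node, makes the prober treat the tentative address as a duplicate.
        if live and mac != probe[1] and (kind == "NA" or is_dad_ns):
            yield mac, target
        elif is_dad_ns:
            open_probes[target] = (ts, mac)

def suspicious_responders(events, max_defended=MAX_DEFENDED):
    """Return MACs that claimed more tentative addresses than max_defended."""
    defended = defaultdict(set)
    for mac, target in dad_conflicts(events):
        defended[mac].add(target)
    return {m: sorted(t) for m, t in defended.items() if len(t) > max_defended}

if __name__ == "__main__":
    for mac, targets in suspicious_responders(SAMPLE_EVENTS).items():
        print(f"{mac} answered DAD for {len(targets)} addresses: {targets}")
```

Source MACs can be forged, so where the switch exposes it, keying the count on the ingress port rather than the MAC gives a more reliable signal.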