[141417] in North American Network Operators' Group
Be aware of SLAAC adresses
daemon@ATHENA.MIT.EDU (=?UTF-8?B?SsOpcsO0bWUgTmljb2xsZQ==)
Wed Jun 8 06:30:48 2011
From: =?UTF-8?B?SsOpcsO0bWUgTmljb2xsZQ==?= <jerome@ceriz.fr>
Date: Wed, 8 Jun 2011 12:29:29 +0200
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi !
To all contributors to this wonderful IPv6 day, juste a short notice :
please avoid SLAAC adresses on your public servers !
First, in case of an hardware crash, the recovery will be done under
presure and most will forget about forcing the new server's mac adress
to the old one, wich will delay the recovery
Second, it's beeing a little too transparent as the MAC adress may
reveal the server's manufacturer, approximate manufacturing tdate, or
the network controler model. Some may use it as a clue to design a
proper exploit...
Just a nightly thought while monitoring seen IPv6 adresses ;)
--=20
J=C3=A9r=C3=B4me Nicolle
