[142846] in North American Network Operators' Group
Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was:
daemon@ATHENA.MIT.EDU (Fernando Gont)
Thu Jul 14 22:57:47 2011
Date: Thu, 14 Jul 2011 23:57:24 -0300
From: Fernando Gont <fernando@gont.com.ar>
To: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <3B3053F2-DFFF-4AD4-920A-A28657622A5A@puck.nether.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 07/14/2011 11:35 PM, Jared Mauch wrote:
>> Well, unless there's some layer-2 anti-spoofing mitigation in
>> place, with /64 subnets the "local attacker" typically *will* have
>> enough addresses.
>
> Solving a local attack
Well, I was talking about not *introducing* ;-) one.
> is something I consider different in scope
> than the current draft being discussed in 6man, v6ops, ipv6@ etc...
Which I-D are you referring to?
Thanks,
--
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
