[142881] in North American Network Operators' Group
Re: NDP DoS attack
daemon@ATHENA.MIT.EDU (Mikael Abrahamsson)
Sun Jul 17 07:00:24 2011
Date: Sun, 17 Jul 2011 12:59:34 +0200 (CEST)
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: Florian Weimer <fw@deneb.enyo.de>
In-Reply-To: <87sjq5i3or.fsf@mid.deneb.enyo.de>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, 17 Jul 2011, Florian Weimer wrote:
> Interesting, thnaks. It's not the vendors I would expect, and it's not
> based on SEND (which is not surprising at all and actually a good
> thing).
Personally I think SEND is never going to get any traction.
> Is this actually secure in the sense that it ties addresses to specific
> ports for both sending and receiving? I'm asking because folks have
> built similar systems for IPv4 which weren't. The CLI screenshots look
> good, better than what most folks achieve with IPv4.
As far as I know, it's designed to work securely in an ETTH scenario,
which implies both sending and receiving (if I understood you correctly).
--
Mikael Abrahamsson email: swmike@swm.pp.se
_____
NANOG mailing list
NANOG@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog
