[154885] in North American Network Operators' Group
=?utf-8?B?UmU6IHVzaW5nICJyZXNlcnZlZCIgSVB2NiBzcGFjZQ==?=
daemon@ATHENA.MIT.EDU (Keith Medcalf)
Sun Jul 15 19:56:51 2012
From: "Keith Medcalf" <kmedcalf@dessus.com>
To: valdis.kletnieks@vt.edu
Date: Sun, 15 Jul 2012 17:55:44 -0600
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--__1342396544480TOUCHDOWN_BOUNDARY__
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
=0D=0AIfconfig does not work on Windows. =0D=0A=0D=0AAre you saying that th=
ere are other operating systems brain-dead enough to just run any old arbitr=
ary code from untrusted media?=0D=0A=0D=0ASent from my Android phone using T=
ouchDown (www.nitrodesk.com)=0D=0A=0D=0A-----Original Message-----=0D=0AFrom=
: [valdis.kletnieks@vt.edu]=0D=0AReceived: Sunday, 15 Jul 2012, 9:45=0D=0ATo=
: Jimmy Hess [mysidia@gmail.com]=0D=0ACC: [nanog@nanog.org]; Brandon Ross [b=
ross@pobox.com]=0D=0ASubject: Re: using "reserved" IPv6 space=0D=0A=0D=0AOn =
Sat, 14 Jul 2012 17:37:37 -0500, Jimmy Hess said:=0D=0A=0D=0A> The good news=
is one 'ifconfig' just tells them what network=0D=0A> address you're i=
n.=0D=0A> Unless the attacker can gain access to your host's NDP table or A=
RP=0D=0A> table, they can't see what IPs are in use.=0D=0A=0D=0AAll it take=
s is one USB stick left out in the parking lot for an employee..=0D=0A=0D=0A=
By the time they get enough access to do an 'ifconfig', rest assured that th=
ey=0D=0Acan see the NDP/ARP tables and all the traffic on that network segme=
nt as well.=0D=0A(OK.. maybe for some reason they can't - but if you're bett=
ing your security=0D=0Amodel on somebody getting a beachhead on one of your =
machines and *not* having=0D=0Afull access to the network segment, I'll be m=
ore than happy to take the other=0D=0Aside of the bet).=0D=0A=0D=0A=0D=0A=0D=
=0ASent from my Android phone using TouchDown (www.nitrodesk.com)
--__1342396544480TOUCHDOWN_BOUNDARY__--
