[76842] in North American Network Operators' Group
Re: IPv6, IPSEC and deep packet inspection
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Fri Dec 31 18:17:49 2004
Date: Fri, 31 Dec 2004 23:16:25 +0000
From: bmanning@vacation.karoshi.com
To: Rob Thomas <robt@cymru.com>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.58.0412311547150.15035@qentba.nf23028.arg>
Errors-To: owner-nanog-outgoing@merit.edu
as one who has been "bit" by this already - i can say amen to
what Rob preacheth... the hardest part is getting folks up to
speed on IPv6 as a threat vector. Swat teams that can neutralize
an IPv4 based flareup in minutes/hours can take days/weeks to
contain a v6 channel...
--bill
On Fri, Dec 31, 2004 at 03:52:43PM -0600, Rob Thomas wrote:
>
> Hi, NANOGers.
>
> Folks who are considering or using IPv6 should know that the miscreants
> are as well. There have been IPv6 bots and botnets. IPv6 based hosts
> are regularly used as a bounce for IRC access. IPv6 DoS tools do exist.
> Many of your monitoring tools choke on IPv6, or ignore it entirely.
>
> So while a new approach to security with IPv6 may be warranted, many of
> the same old threats await you there.
>
> Thanks,
> Rob.
> --
> Rob Thomas
> http://www.cymru.com
> Shaving with Occam's razor since 1999.
