[26825] in bugtraq
Re: IPv4 mapped address considered harmful
daemon@ATHENA.MIT.EDU (Anthony DeRobertis)
Tue Aug 27 14:18:54 2002
From: Anthony DeRobertis <asd@suespammers.org>
To: Jun-ichiro itojun Hagino <itojun@iijlab.net>
In-Reply-To: <20020822161840.B94107BA@starfruit.itojun.org>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature";
boundary="=-v51IGBwELGd4zTMjpfp7"
Date: 27 Aug 2002 00:18:28 -0400
Message-Id: <1030421908.10236.6.camel@bohr>
Mime-Version: 1.0
--=-v51IGBwELGd4zTMjpfp7
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Thu, 2002-08-22 at 12:18, Jun-ichiro itojun Hagino wrote:=20
> This ambiguity creates chances to malicious party to trick victim nodes.
> Here are a couple of examples:
How are these any different than with IPv4? I can send bad source
addresses in IPv4 just as easily as in IPv6. IPv6 might even make it
easier to do, e.g., reverse-path filtering (less prefixes to worry
about).
Any kernel that takes a packet saying it is from the local host
off the wire is broken.
Any firewall that allows through a packet from the Internet saying
it is from the LAN is broken.
--=-v51IGBwELGd4zTMjpfp7
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA9av2U+z+IwlXqWf4RAso2AKCDfI8jpFkyB5vfGh0TImCOCZ3CKACdEWmP
cuyWq1XAwpm/oXdehCPv9/4=
=JRjw
-----END PGP SIGNATURE-----
--=-v51IGBwELGd4zTMjpfp7--
