nanog mailing list archives
Re: HP IPv6 RA Guard
From: Daniel Espejel <daniel.unam.ipv6 () gmail com>
Date: Mon, 05 Dec 2011 21:35:35 -0600
So,still assuming the fact that attackers will use the same "traditional ipv4" methods to alter the correct functioning over a network?...Well, maybe. Toda's IPv6 expertise for some network andmins and security experts is minimal. So most trainning and understanding before implementing its a good idea. For example, the RA-Guard method has a significant vulnerability: It's not designed to identify a "complex" IPv6-many extension headers formed packet (F. Gont - 6Networks). Some other security oriented mechanisms may fail because of the low IPv6 compliance. Regards. -- Daniel Espejel Pérez Técnico Académico D.G.T.I.C. - U.N.A.M. GT-IPv6 CLARA / GT-IPv6 U.N.A.M.
Current thread:
- Re: HP IPv6 RA Guard excelsio (Dec 04)
- Re: HP IPv6 RA Guard Christopher Morrow (Dec 04)
- <Possible follow-ups>
- Re: HP IPv6 RA Guard Daniel Espejel (Dec 05)
- Re: HP IPv6 RA Guard Ray Soucy (Dec 06)
- Re: HP IPv6 RA Guard Daniel Espejel (Dec 06)
- Re: HP IPv6 RA Guard Ray Soucy (Dec 06)