router advertisements on open subnets

Merike Kaeo merike at doubleshotsecurity.com
Tue Dec 15 11:00:22 CET 2009


Yeah - I'd follow SAVI and encourage you to add some input.  I've  
been hearing that more vendors are actually starting to ship SeND  
which could be useful.  I haven't heard of too many deployments yet  
(would love to hear otherwise).

- merike


On Dec 14, 2009, at 11:10 PM, Mikael Abrahamsson wrote:

> On Tue, 15 Dec 2009, Chris Caputo wrote:
>
>> On an open subnet, such as a public WiFi network, what is to stop  
>> a guest host from announcing IPv6 router advertisements (ICMPv6  
>> type 134) to the subnet, thus competing with the intended gateway  
>> and potentially drawing traffic through/to it for analysis or  
>> blackholing?
>
> On any type of LAN, there is nothing to stop this. The IETF has  
> historically totally dropped the ball on this kind of security  
> function to mitigate that problem (there is nothing to stop them  
> doing ARP spoofing either), but nowadays there is the SAVI WG who  
> are trying to standardize a framework both for IPv4 and v6 for  
> vendors to implement so that this can be done securely.
>
> -- 
> Mikael Abrahamsson    email: swmike at swm.pp.se
>
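
A passive check a monitoring host on such a subnet could run against the router advertisements discussed in this thread, added here as an example and not part of the original messages. The function names, the `fe80::1` gateway address and the sample packets are constructed assumptions, and the parser assumes no IPv6 extension headers precede the ICMPv6 header.

```python
import ipaddress
import struct

ICMPV6, ROUTER_ADVERT = 58, 134  # IPv6 next-header value, ICMPv6 type
# Assumption: link-local address of the intended gateway (constructed value).
ALLOWED = {ipaddress.IPv6Address("fe80::1")}


def build_ra(src, router_lifetime=1800, hop_limit=255):
    """Build a minimal IPv6 + RA packet as constructed test data (checksum 0)."""
    # type, code, checksum, cur hop limit, flags, router lifetime, reachable, retrans
    icmp = struct.pack("!BBHBBHII", ROUTER_ADVERT, 0, 0, 64, 0, router_lifetime, 0, 0)
    hdr = struct.pack("!IHBB", 6 << 28, len(icmp), ICMPV6, hop_limit)
    return (hdr + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address("ff02::1").packed + icmp)


def inspect_ra(packet, allowed_routers):
    """Return None for non-RA packets, else a verdict dict for the RA."""
    # 40-byte IPv6 header + 16-byte RA body is the minimum valid length.
    if len(packet) < 56 or packet[0] >> 4 != 6 or packet[6] != ICMPV6:
        return None
    if packet[40] != ROUTER_ADVERT:
        return None
    src = ipaddress.IPv6Address(packet[8:24])
    lifetime = struct.unpack("!H", packet[46:48])[0]
    reasons = []
    if src not in allowed_routers:
        reasons.append("source not an authorised router")
    if packet[7] != 255:          # RFC 4861: RAs must arrive with hop limit 255
        reasons.append("hop limit != 255")
    if not src.is_link_local:     # RFC 4861: RA source must be link-local
        reasons.append("source not link-local")
    return {"src": str(src), "router_lifetime": lifetime,
            "rogue": bool(reasons), "reasons": reasons}


if __name__ == "__main__":
    samples = [build_ra("fe80::1"),                  # intended gateway
               build_ra("fe80::dead:beef"),          # guest host announcing itself
               build_ra("fe80::1", hop_limit=64)]    # forwarded from off-link
    for pkt in samples:
        print(inspect_ra(pkt, ALLOWED))
```

Because a host can forge the source address, this only flags advertisements sent from an address other than the gateway's; it detects and does not block.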


