router advertisements on open subnets
Merike Kaeo
merike at doubleshotsecurity.com
Tue Dec 15 11:00:22 CET 2009
Yeah - I'd follow SAVI and encourage you to add some input. I've
been hearing that more vendors are actually starting to ship SeND
which could be useful. I haven't heard of too many deployments yet
(would love to hear otherwise).
- merike
On Dec 14, 2009, at 11:10 PM, Mikael Abrahamsson wrote:
> On Tue, 15 Dec 2009, Chris Caputo wrote:
>
>> On an open subnet, such as a public WiFi network, what is to stop
>> a guest host from announcing IPv6 router advertisements (ICMPv6
>> type 134) to the subnet, thus competing with the intended gateway
>> and potentially drawing traffic through/to it for analysis or
>> blackholing?
>
> On any type of LAN, there is nothing to stop this. The IETF has
> historically totally dropped the ball on this kind of security
> function to mitigate that problem (there is nothing to stop them
> doing ARP spoofing either), but nowadays there is the SAVI WG who
> are trying to standardize a framework both for IPv4 and v6 for
> vendors to implement so that this can be done securely.
>
> --
> Mikael Abrahamsson email: swmike at swm.pp.se
>
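
Added example, not part of the thread and not code from any of its participants: a monitoring-side check that parses ICMPv6 type 134 packets seen on the segment and flags router advertisements that do not come from the intended gateway. The allowlist address, sample packets and function names are constructed assumptions.

```python
import ipaddress
import struct

# Assumption: the operator knows the intended gateway's link-local address.
ALLOWED_ROUTERS = {ipaddress.IPv6Address("fe80::1")}  # constructed value

def parse_ra(packet: bytes):
    """Parse a raw IPv6 packet; return RA fields, or None if it is not an RA."""
    if len(packet) < 56 or packet[0] >> 4 != 6 or packet[6] != 58:
        return None  # too short, not IPv6, or next header is not ICMPv6
    if packet[40] != 134:  # ICMPv6 type 134 = Router Advertisement
        return None
    prefixes, off = [], 56  # options follow the 16-byte RA header
    while off + 2 <= len(packet):
        opt_type, opt_len = packet[off], packet[off + 1] * 8
        if opt_len == 0 or off + opt_len > len(packet):
            break  # malformed option: stop rather than loop or over-read
        if opt_type == 3 and opt_len == 32:  # Prefix Information option
            prefix = ipaddress.IPv6Address(packet[off + 16:off + 32])
            prefixes.append(f"{prefix}/{packet[off + 2]}")
        off += opt_len
    return {"src": ipaddress.IPv6Address(packet[8:24]), "hop_limit": packet[7],
            "lifetime": struct.unpack("!H", packet[46:48])[0], "prefixes": prefixes}

def classify(packet: bytes) -> str:
    """Return 'not-ra', 'invalid', 'unexpected-router' or 'expected'."""
    ra = parse_ra(packet)
    if ra is None:
        return "not-ra"
    # RFC 4861: a valid RA has hop limit 255 and a link-local source.
    if ra["hop_limit"] != 255 or not ra["src"].is_link_local:
        return "invalid"
    # Monitoring only: this compares addresses, it does not authenticate the sender.
    return "expected" if ra["src"] in ALLOWED_ROUTERS else "unexpected-router"

def build_ra(src, hop_limit=255, lifetime=1800, prefix="2001:db8:1::", plen=64):
    """Construct a sample RA for testing (checksum left as zero)."""
    opt = struct.pack("!BBBBII4x", 3, 4, plen, 0xC0, 86400, 14400)
    opt += ipaddress.IPv6Address(prefix).packed
    icmp = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0, lifetime, 0, 0) + opt
    hdr = struct.pack("!IHBB", 6 << 28, len(icmp), 58, hop_limit)
    hdr += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address("ff02::1").packed
    return hdr + icmp

if __name__ == "__main__":
    for src in ("fe80::1", "fe80::dead:beef"):  # constructed addresses
        pkt = build_ra(src)
        print(src, classify(pkt), parse_ra(pkt)["prefixes"])
```

An address allowlist only detects a competing advertiser; blocking it at the port or authenticating the router is the job of the SAVI and SeND work mentioned in the thread.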