nanog mailing list archives
Re: IPv6, IPSEC and deep packet inspection
From: bmanning () vacation karoshi com
Date: Fri, 31 Dec 2004 23:16:25 +0000
as one who has been "bit" by this already - i can say amen to what Rob preacheth... the hardest part is getting folks up to speed on IPv6 as a threat vector. Swat teams that can neutralize an IPv4 based flareup in minutes/hours can take days/weeks to contain a v6 channel... --bill On Fri, Dec 31, 2004 at 03:52:43PM -0600, Rob Thomas wrote:
Hi, NANOGers. Folks who are considering or using IPv6 should know that the miscreants are as well. There have been IPv6 bots and botnets. IPv6 based hosts are regularly used as a bounce for IRC access. IPv6 DoS tools do exist. Many of your monitoring tools choke on IPv6, or ignore it entirely. So while a new approach to security with IPv6 may be warranted, many of the same old threats await you there. Thanks, Rob. -- Rob Thomas http://www.cymru.com Shaving with Occam's razor since 1999.
Current thread:
- IPv6, IPSEC and deep packet inspection Sam Stickland (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Merike Kaeo (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Daniel Roesen (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Merike Kaeo (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Stephen Sprunk (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Rob Thomas (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection william(at)elan.net (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Daniel Roesen (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection bmanning (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Daniel Roesen (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Iljitsch van Beijnum (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Merike Kaeo (Dec 31)
- <Possible follow-ups>
- Re: IPv6, IPSEC and deep packet inspection J. Oquendo (Dec 31)