nanog mailing list archives

Re: OMB: IPv6 by June 2008

From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Thu, 7 Jul 2005 20:16:32 +0200


On 7-jul-2005, at 19:43, Kuhtz, Christian wrote:

If I'm on the same shared medium as you I can kill your SSL session
with one packet.

Only if shared medium = vanilla CSMA/CD Ethernet or the like.


Or air.

If the medium isn't shared then if it's a thin pipe, it's subject toDoS (I mean the type where you don't even need a zombie army) and ifit's a fat one, an attacker still gets to break the TCP sessions withSSL running over them. (This requires a few million packets.)

Current thread:

Re: OMB: IPv6 by June 2008, (continued)
- - - Re: OMB: IPv6 by June 2008 Scott McGrath (Jul 07)
    - Re: OMB: IPv6 by June 2008 Jeroen Massar (Jul 07)
    - Re: OMB: IPv6 by June 2008 Andre Oppermann (Jul 07)
    - Re: OMB: IPv6 by June 2008 Jeroen Massar (Jul 07)
    - Re: OMB: IPv6 by June 2008 Randy Bush (Jul 07)
    - Re: OMB: IPv6 by June 2008 Scott McGrath (Jul 07)
    - Re: OMB: IPv6 by June 2008 James (Jul 07)
    - Re: OMB: IPv6 by June 2008 Nils Ketelsen (Jul 08)
- RE: OMB: IPv6 by June 2008 Kuhtz, Christian (Jul 07)
- RE: OMB: IPv6 by June 2008 Kuhtz, Christian (Jul 07)
  - Re: OMB: IPv6 by June 2008 Iljitsch van Beijnum (Jul 07)
- RE: OMB: IPv6 by June 2008 Kuhtz, Christian (Jul 07)
  - Re: OMB: IPv6 by June 2008 Andre Oppermann (Jul 07)
  - Re: OMB: IPv6 by June 2008 David Conrad (Jul 07)
    - Re: OMB: IPv6 by June 2008 Steven M. Bellovin (Jul 07)
  - RE: OMB: IPv6 by June 2008 Brad Knowles (Jul 07)
  - Re: OMB: IPv6 by June 2008 Alexei Roudnev (Jul 08)
    - Re: OMB: IPv6 by June 2008 Scott McGrath (Jul 08)
- RE: OMB: IPv6 by June 2008 Kuhtz, Christian (Jul 07)