nanog mailing list archives
Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE!
From: Arturo Servin <arturo.servin () gmail com>
Date: Sun, 17 Jun 2012 15:53:47 -0400
If the ISP fails to filter my bogus space and leak that route to the Internet (which happens today everyday with IPv4, and will with IPv6) I would get my return path. Again, if every ISP followed BCP 38 that would not happen (IPv6 and IPv4). But they are not, and probably they won't. .as On 17 Jun 2012, at 15:41, John Levine wrote:
BCP 38 would work. The problem is that many ISPs do not ingress filter, so I can use whatever unnallocated IPv6 space (2F10:baba:ba30:e8cf:d06f:4881:973a:c68) to SPAM and then go invisible and use another one (2E10:baba:ba30:e8cf:d06f:4881:973a:c68)How do you plan to get the return packets? DNS bombing with forged address UDP packets is one thing, but anything that runs over TCP won't work without return routes. If the bad guy can inject routes, you have worse problems than lack of SWIP. (This assumes the target is not using a 20 year old TCP stack with predictable sequence numbers, but in the IPv6 world we should be able to assume that particular security hole is closed.) I expect bad guys to hop around within a /64 or whatever size allocation the ISP assigns to customers, but that's still easily handled by SWIP, or by subpoena to the ISP if they didn't get around to SWIP. R's, John
Current thread:
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE!, (continued)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Joel jaeggli (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Owen DeLong (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Jimmy Hess (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Vinny Abello (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Cameron Byrne (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Arturo Servin (Jun 18)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Owen DeLong (Jun 18)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Arturo Servin (Jun 18)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Arturo Servin (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! John Levine (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Arturo Servin (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Jay Ashworth (Jun 18)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! John Curran (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Vinny Abello (Jun 17)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Owen DeLong (Jun 15)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Dave Edelman (Jun 15)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! goemon (Jun 15)
- Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE! Owen DeLong (Jun 15)