nanog mailing list archives
Re: Question re session hijacking in dual stack environments w/MacOS
From: Mark Andrews <marka () isc org>
Date: Fri, 02 Oct 2015 18:16:54 +1000
In message <132752.1443772000 () turing-police cc vt edu>, Valdis.Kletnieks () vt edu writes:
On Fri, 02 Oct 2015 00:46:47 -0500, Doug McIntyre said:I suspect this is OSX implementing IPv6 Privacy Extensions. Where OSX generates a new random IPv6 address, applies it to the interface, and then drops the old IPv6 addresses as they stale out. Sessions in use or not.Isn't the OS supposed to wait for the last user of the old address to close their socket before dropping it?
Bowser talks to server with temp address 1. Sockets close. New temp address generated. User click submit. New temp address used. It is stupid web site design to assume that addresses will be stable even within a session.
sudo sysctl -w net.inet6.ip6.use_tempaddr=0 sudo sh -c 'echo net.inet6.ip6.use_tempaddr=0 >> /etc/sysctl.conf'
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org
Current thread:
- Re: Question re session hijacking in dual stack environments w/MacOS Dovid Bender (Oct 01)
- <Possible follow-ups>
- Re: Question re session hijacking in dual stack environments w/MacOS Doug McIntyre (Oct 01)
- Re: Question re session hijacking in dual stack environments w/MacOS Valdis . Kletnieks (Oct 02)
- Re: Question re session hijacking in dual stack environments w/MacOS Mark Andrews (Oct 02)
- Re: Question re session hijacking in dual stack environments w/MacOS Doug McIntyre (Oct 02)
- Re: Question re session hijacking in dual stack environments w/MacOS voytek (Oct 02)
- Re: Question re session hijacking in dual stack environments w/MacOS Owen DeLong (Oct 16)
- Re: Question re session hijacking in dual stack environments w/MacOS Valdis . Kletnieks (Oct 02)
- Re: Question re session hijacking in dual stack environments w/MacOS Owen DeLong (Oct 02)
- Re: Question re session hijacking in dual stack environments w/MacOS Mark Tinka (Oct 07)