nanog mailing list archives
Re: 0day Windows Network Interception Configuration Vulnerability
From: Valdis.Kletnieks () vt edu
Date: Mon, 04 Apr 2011 12:14:56 -0400
On Mon, 04 Apr 2011 08:46:22 PDT, "andrew.wallace" said:
Someone has recently post to a mailing list: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080096.html
*yawn* No news, move along, nothing to see. RFC4862, section 6: The use of stateless address autoconfiguration and Duplicate Address Detection opens up the possibility of several denial-of-service attacks. For example, any node can respond to Neighbor Solicitations for a tentative address, causing the other node to reject the address as a duplicate. A separate document [RFC3756] discusses details about these attacks, which can be addressed with the Secure Neighbor Discovery protocol [RFC3971]. It should also be noted that [RFC3756] points out that the use of IP security is not always feasible depending on network environments. Note that similar text was present in RFC2462, all the way back in Dec 1998. So somebody's 13 years late to the party.
Attachment:
_bin
Description:
Current thread:
- 0day Windows Network Interception Configuration Vulnerability andrew.wallace (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Andrew Kirch (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Valdis . Kletnieks (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Dan White (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Jeroen van Ingen (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Mikael Abrahamsson (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Jeroen van Ingen (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Nick Hilliard (Apr 04)
- <Possible follow-ups>
- Re: 0day Windows Network Interception Configuration Vulnerability Johnny Eriksson (Apr 04)