Re: using "reserved" IPv6 space

["Keith Medcalf" <kmedcalf () dessus com>]

Ifconfig does not work on Windows.  

Are you saying that there are other operating systems brain-dead enough to just run any old arbitrary code from 
untrusted media?

Sent from my Android phone using TouchDown (www.nitrodesk.com)

-----Original Message-----
From: [valdis.kletnieks () vt edu]
Received: Sunday, 15 Jul 2012, 9:45
To: Jimmy Hess [mysidia () gmail com]
CC: [nanog () nanog org]; Brandon Ross [bross () pobox com]
Subject: Re: using "reserved" IPv6 space

On Sat, 14 Jul 2012 17:37:37 -0500, Jimmy Hess said:

> The good news is one  'ifconfig'  just tells them  what   network
> address you're in.
> Unless the attacker can gain access to your host's  NDP table or ARP
> table,  they can't see what IPs are in use.

All it takes is one USB stick left out in the parking lot for an employee..

By the time they get enough access to do an 'ifconfig', rest assured that they
can see the NDP/ARP tables and all the traffic on that network segment as well.
(OK.. maybe for some reason they can't - but if you're betting your security
model on somebody getting a beachhead on one of your machines and *not* having
full access to the network segment, I'll be more than happy to take the other
side of the bet).



Sent from my Android phone using TouchDown (www.nitrodesk.com)