nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TWC (AS11351) blocking all NTP?

From: John Kristoff <jtk () cymru com>
Date: Mon, 3 Feb 2014 16:38:43 -0600
On Mon, 3 Feb 2014 07:08:25 +0000
"Dobbins, Roland" <rdobbins () arbor net> wrote:


There's nothing in IPv6 which makes any difference.  The ultimate
solution is antispoofing at the customer edge.


There is at least one small thing that may change some part of this and
similar problems.  If the threat vector were only accessible on IPv6
and that service on those systems is not easily discoverable then it
will probably reduce the total population of systems being abused.

I do realize in practice there are ways to discover systems, but the
change in address architecture could change things, not perfectly, but
I'll venture to suggest noticeably in some not so difficult to imagine
scenarios.

John
Previous By Date Next
Previous By Thread Next

Current thread: