[ipv6hackers] IPv6 security presentation at Hack.lu 2011

Fernando Gont fgont at si6networks.com
Tue Sep 27 16:22:14 CEST 2011

On 09/26/2011 10:28 PM, Owen DeLong wrote:
> I will point out that NDP spoofing is no worse than ARP spoofing in IPv4,
> so, I'm not sure how you can say that it is not an equivalent level of first
> hop security.

It's way easier to policy ARP traffic than it is to police NS/NA traffic.

The reason basically being described in:

The contents of the aforementioned article also applies to NS/NA-based

Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

More information about the Ipv6hackers mailing list