[ipv6hackers] IPv6 security presentation at Hack.lu 2011
fred at fredbovy.com
Fri Sep 30 04:07:39 CEST 2011
Ok it is clear!
But for me if it was not possible to configure it so easily it would be an
Le 30/09/2011 03:59, « Owen DeLong » <owend at he.net> a écrit :
>On Sep 29, 2011, at 6:49 PM, fred wrote:
>> Ok, I get it but I never found any way to set your stack to ignore the
>> REDIRECT. I never look for a way to do it to be honest.
>> Maybe it is something you can do by setting a variable and building a
>> kernel in UNIX/Linux ?
>It's a sysctl variable that you can change on the fly if you want to. No
>> On MAC OS X a variable and build a new kernel as well ?
>Not sure. MacOS X is BSD based, so, it's probably a similar sysctl
>> Maybe a registry in Windows let you do this ?
>That would be my best guess, or, it might be under netsh. Not sure.
>It may even be impossible in Windoze, I honestly don't know.
>> I have never in my life found any IT people doing such setting on any
>> Workstation or servers. But it is a long time I am not working with IT
>> people who configure everything...
>I believe it is fairly common among those paranoid to worry about any of
>rather minute issues we've been discussing here. Most of the real world of
>IT actually flat out ignores security on the LAN for the most part, so,
>right that people who do anything about it at all are kind of rare. That
>my primary point, actually.
>> So I did not know it was something which could be set easily and was
>> by everybody in the field so it was not an open issue for IPV4!
>I wasn't saying it wasn't an issue, but, it's an issue of
>the equivalent problem in IPv6 is an issue of inability.
>Ipv6hackers mailing list
>Ipv6hackers at lists.si6networks.com
More information about the Ipv6hackers