[ipv6hackers] "Stick to limited IPv6 deployments, businesses warned"
Jim Small
jim.small at cdw.com
Fri Aug 24 05:59:45 CEST 2012
> >> The fake router RA vulnerabilities are well known and relatively well
> >> understood. Vendors are working on it and most have reasonable
> >> initial solutions with progress being made towards more complete
> >> solutions.
> >
> > This is not the message that I got the last time I talked with some
> > well-known desktop OS vendor.
> >
> If you managed to find an OS vendor that is asleep at the switch, good for you,
> you got an opportunity to educate someone. Nonetheless, the data has been
> well published and I know most of the switch/router vendors either have running
> code to (mostly) solve the problem or are working on it as we speak.
>
> >
> >> However, I do not see this as being any worse in most
> >> cases than a rogue DHCP server which is a vulnerability in IPv4 that
> >> has not been fixed even to this day.
> >
> > My understanding is that you cannot crash a host with forged DHCP
> > responses, but that you *can* do that with forged RAs.
> >
>
> I'm not sure I buy either one of those assertions.
Hi Owen - actually you can. See here:
http://www.networkworld.com/community/blog/known-ipv6-hole-freezes-windows-network-in-minutes
As far as I know, there is no equivalent vulnerability in IPv4. I wholeheartedly agree with Marc that this is unacceptable. Microsoft's position is untenable. I really hope this is fixed in 8/2012. Until Marc brought it up I just assumed this had been fixed. I'm a little stunned that it's gone on this long.
--Jim