[ipv6hackers] "Stick to limited IPv6 deployments, businesses warned"

Mike Jones mike at mikejones.in
Sat Aug 25 02:49:01 CEST 2012


On 24 August 2012 23:13, Karl Auer <kauer at biplane.com.au> wrote:
> On Fri, 2012-08-24 at 23:39 +0200, Marc Heuse wrote:
>> > In short, how likely is this particular problem, RA flooding, to
>> > actually be a problem in practice?
>> as long as you stay in your home or office, the chance should be
>> pretty small.
>> when you go to a conference, the chance rises, and if it's a security
>> conference, it gets pretty high ... it's the mobile user who is at
>> risk.
>
> It's all about risk assessment - the interplay between the likelihood of
> actual loss, the amount of likely actual loss, the cost of preventing
> that loss, and the cost of making good that loss.
>
> With this particular attack, the equation seems pretty clear. There is
> low risk of the attack occurring, a low amount of loss likely even if
> the attack occurs, the attack is limited to a single subnet which must
> *already be compromised*, there are likely preventions in development in
> the relatively short term, and the cost of repair is low even if the
> attack does occur.
>
> So let's NOT hold this one up as a shining example of why not to proceed
> with IPv6 implementation and deployment.
>

It's also an attack that the best defence against is to deploy v6
across your entire network. Any areas of your network that are v6
enabled may or may not be vulnerable depending on your
equipment/config, but v4-only equipment that has no idea about IPv6
will always be vulnerable.

How many networks are using that bug as an excuse for not deploying
v6? Also, how many of them are hiring new staff to replace the idiot
who told them that ignoring IPv6 would make the issue go away? :)

- Mike


