[ipv6hackers] Pros and Cons of Address Randomization

[Jim Small]

Hi Joe,

> As you might remember, my presentation at gogonet6 live was about
> resilience, and the use of IPv6 Address Randomization to improve
> survivability. The reason I present it, was to get feedback on a IEEE
> paper I am writing. At present I am validating others work, and
> setting up a network to perform the testing. I still have a bunch of
> research into best techniques and strategies before I had planned on
> publishing.

Excellent - looking forward to reading it!  Could you please post to the list when it's available?

> When reviewing your notes, I noticed you are missing the big question,
> "What threat are you attempting to mitigate?" As such, I only see this
> technique used on all high and some moderate confidentially,
> integrity, available or non-repudiation environment, as a method of
> early identification of attackers during the ISR phase of the attack.

Makes sense - especially if used as an additional layer in tandem with monitoring and response capabilities.

> Note, the reason I have not published any work on it, was there are a
> few companies (some represented on this list) which have been 'kind
> enough', to create products under their name.
> 
> This paper and research are not funded by any company or university,
> although I do with it were.

--Jim