[ipv6hackers] IPv6 Security research
Simon Perreault
simon.perreault at viagenie.ca
Fri Mar 23 23:53:27 CET 2012
On 03/23/2012 06:51 PM, Marc Heuse wrote:
>> 3. Send an ICMPv6 router acknowledgement packet with a random address
>> prefix, causing hosts to begin stateless address auto-configuration
>> (SLAAC) and send a solicitation for their newly configured
>> address.
>
> although this works very well, it is a disrupive mechanism. hosts are
> now thinking they have IPv6 connectivity and if a DNS reply has AAAA
> records this breaks most applications.
The RA has lifetime=1 to mitigate this. We found that it works extremely
well in practice. ;)
Simon
--
DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server --> http://numb.viagenie.ca
More information about the Ipv6hackers
mailing list