[ipv6hackers] IPv6 Security research

Simon Perreault simon.perreault at viagenie.ca
Fri Mar 23 23:53:27 CET 2012


On 03/23/2012 06:51 PM, Marc Heuse wrote:
>> 3. Send an ICMPv6 router acknowledgement packet with a random address
>>     prefix, causing hosts to begin stateless address auto-configuration
>>     (SLAAC) and send a solicitation for their newly configured
>>     address.
>
> although this works very well, it is a disrupive mechanism. hosts are
> now thinking they have IPv6 connectivity and if a DNS reply has AAAA
> records this breaks most applications.

The RA has lifetime=1 to mitigate this. We found that it works extremely 
well in practice. ;)

Simon
-- 
DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source        --> http://ecdysis.viagenie.ca
STUN/TURN server               --> http://numb.viagenie.ca



More information about the Ipv6hackers mailing list