[ipv6hackers] Is there a telecom company which adpated IPv6 network on LTE?

Jouni Korhonen jouni.nospam at gmail.com
Fri Aug 16 08:23:25 CEST 2013


On Aug 15, 2013, at 2:50 PM, Marco Ermini <marco.ermini at gmail.com> wrote:

> If you are in Europe or anyway outside of USA, it is very unlikely you have
> a public IPv4 address on a mobile (cellular) network (be it LTE or just 3G).
> 
> Even if it *appears* to be public, you are probably NATted anyway.
> 
> The reason is very easy, it's called overbilling and battery drowning
> attacks. In 3G networks (and on LTE networks which are still supported by
> legacy infrastructure), your IP connectivity is a layer on top of your
> mobile connection, and your PDP context (billing record) is allocated when

What do you exactly mean by "LTE networks which are still supported by
legacy infrastructure"? I did not quite follow here. How would that affect
to the always on behavior of the LTE ?

- JOuni

> you are given an IP address, and you are billed for the time you are "on
> line". If you are reachable via UDP, an attacker can keep you on line more
> than you would like, and also exhaust your battery. Therefore normally a
> mobile operator shields you from being "so" reachable.
> 
> On "pure" LTE the paradigm is a little different as you are supposed to be
> always on line - you have always an IP address, and even your voice and
> signalling are transmitted via IP (although there are fallback options to
> the older technologies if required/configured).
> 
> I am aware of course of the VZW implementation but I am not sure which kind
> of LTE is deployed.
> 
> PS. NAT was not born to provide security, but it provides _some sort_ of
> security, and moreover it allows easier full logging of the traffic...
> 
> Hope this helps.
> 
> 
> Cheers
> 
> 
> On 29 May 2013 12:23, Eric Vyncke (evyncke) <evyncke at cisco.com> wrote:
> 
>> I do not want to be rude, but, what is the difference between your use
>> case and my smart phone which has a public IPv4 address on its cellular
>> interface?
>> 
>> AFAIK, in IPv6 mobile phones get a /64, so, a lot if not all layer-2
>> attacks related to IPv6 do not apply
>> 
>> Eric
>> 
>> 
>> 
>> 
>> Le 29 mai 2013 à 08:25, "김무성" <disaster at sk.com> a écrit :
>> 
>>> One of advantage which deploy ipv6 network on telecom is that all
>> smart-phone can have a public IPv6 address.
>>> But it cause security problem that hacker can attack smart-phone
>> directly.
>>> If deploy a NAT6/6 or NAT6/4 device for security, availability of ipv6
>> is low
>>> And have to have ALG (Application Layer Gateway) device for providing
>> service. (ex, SIP ALG for VoIP on LTE, etc)
>>> 
>>> Is there a solution that use public IPv6 address on smart-phone and
>> strengthen security?
>>> _______________________________________________
>>> Ipv6hackers mailing list
>>> Ipv6hackers at lists.si6networks.com
>>> http://lists.si6networks.com/listinfo/ipv6hackers
>> _______________________________________________
>> Ipv6hackers mailing list
>> Ipv6hackers at lists.si6networks.com
>> http://lists.si6networks.com/listinfo/ipv6hackers
>> 
> 
> 
> 
> -- 
> Marco Ermini
> root at human # mount -t life -o ro /dev/dna /genetic/research
> http://www.linkedin.com/in/marcoermini
> "Jesus saves... but Buddha makes incremental back-ups!"
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers




More information about the Ipv6hackers mailing list