[ipv6hackers] Strong Host Model

Guillermo Lafuente Tejero guiye1984 at hotmail.com
Wed Jul 31 13:11:42 CEST 2013


> I haven't used it, but apparently it is now implemented in the Linux firewall - the rpfilter match:


> https://bugzilla.kernel.org/show_bug.cgi?id=6998

Thanks Mark, that could help.


> I've always wondered about this: In what way does the strong host model 

> improve security?  Are you just concerned about information leakage 

> (ability to discover the host's non-local IP addresses), or is there 

> something else?


Hi Paul

For my tests I had the following:

----------------
                  -eth1 ----------> Ping response
HOST         -
                  -eth0  <--------- Ping request
----------------

Eth0: manual IPv6 config (no default router)
Eth1: SLAAC

Sending a ping to eth0 directed to eth1 would cause the packet to travel from the network configured in eth0 to the net in eth1 . The outbound packet in eth1 was using eth1's MAC address but eth0's IPv6 address.

What it is happening is that the host receives the ping in eth0, and when creating the response, checks the routing table and says: oh! I have to reply to someone and default gw is in eth1, here you go!

This could be an environment in which you have systems which should not be reachable from the Internet in eth0 and Internet connectivity in eth1 (or viceversa). You may want to completely separate both networks for a good reason, and with the weak host model you would be able to jump from one to another.

Thanks,
Regards,
Guillermo



 		 	   		  


More information about the Ipv6hackers mailing list