[ipv6hackers] Looking for feedback on subjective top list of IPv6 security issues

Fernando Gont fgont at si6networks.com
Fri Mar 8 18:35:03 CET 2013

On 03/08/2013 01:20 PM, Cameron Byrne wrote:
>> May be. But with v6 we still have to go for about 10 years to get where
>> IPv4 implementations are. -- not that I like it, though.
> So, my point is not really in the specifics.  In the last 2 years I know
> for sure Microsoft, Cisco, and Juniper all had critical bugs where a
> special Ipv4 packet would cause a catastrophic failure, right?
> I don't think the lessons of Ipv4 are really lessons. 

We can agree on that one -- for instance, I used to include exactly this
phrase in my slideware.

> People reinvent
> the wheel and fail in both new and the same ways all the time.
> I just don't think it means anything to say that Ipv4 is baked and Ipv6
> is not. 

The issue is that the v4 code has been around for longer. So more bugs
have been fixed than in the v4 case. And since the number of bugs/lines
of code is kind of "constant", more bugs remain to be fixed in v6.
That's it.

Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

More information about the Ipv6hackers mailing list