[ipv6hackers] Looking for feedback on subjective top list of IPv6 security issues

Fernando Gont fgont at si6networks.com
Sat Mar 9 12:45:29 CET 2013


On 03/08/2013 05:22 PM, Cameron Byrne wrote:
> 
> One could also postulate that the v6 code was developed in a more mature
> environment with better practices and lessons learned from the v4 battle
> scars. 

Good one. :-)

1) Different people working on v6 from the ones who had worked on v4.
e.g. the BSD v4 code was developed by the team at University of
California, while the v6 code was developed by the japanese guys from KAME.

2) There are no best practices. :-9 -- Man, e.g. the NC exhaustion thing
is the sort of bug I did when I was 10 :-) : having data structures that
could potentially grow without bounds. And yes, "software has bugs", but
one should automatically enforce limits everywhere.

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492







More information about the Ipv6hackers mailing list