[ipv6hackers] Fwd: RFC 7123 on Security Implications of IPv6 on IPv4 Networks

Marco Ermini marco.ermini at gmail.com
Tue Feb 18 16:16:21 CET 2014


On 11 February 2014 10:30, Fernando Gont wrote:

> Folks,
>
> FYI: <http://www.rfc-editor.org/rfc/rfc7123.txt>
>
> Thanks,
> Fernando
>
[...]

Hi Fernando

Can I suggest to add in the Introduction section, that there are known,
famous Anti Virus and Host Based IPS (HIPS) who are unable to work on IPv6
(I would not name names but the version 11 of a famous yellow and black
thing which is widely deployed and it is not easy to upgrade to the next
version, 12, because it is a complete and incompatible rewrite...).

Their behaviour of such AV/HIPS is that they will either allow the complete
IPv6 traffic without inspection, or block it completely (as a protocol
type). As mentioned, upgrading AV/HIPS may not be as easy as someone may
think in medium to large organisations.


Cheers
-- 
Marco Ermini
root at human # mount -t life -o ro /dev/dna /genetic/research
http://www.linkedin.com/in/marcoermini
"Jesus saves... but Buddha makes incremental back-ups!"



More information about the Ipv6hackers mailing list