[nsp-sec] New IPV6 NDP issue (via cert)
David Freedman
david.freedman at uk.clara.net
Fri Oct 3 13:57:18 EDT 2008
Uh, isn't this just like ARP spoofing? is this really a new problem?
------------------------------------------------
David Freedman
Group Network Engineering
Claranet Limited
http://www.clara.net
-----Original Message-----
From: nsp-security-bounces at puck.nether.net on behalf of Chris Morrow
Sent: Fri 10/3/2008 18:50
To: nsp-security at puck.nether.net
Subject: [nsp-sec] New IPV6 NDP issue (via cert)
----------- nsp-security Confidential --------
since one of my vendors sent out a note about this (hi greg, ask your
alert folks to actually put the alert on the alert page eh?), another is
listed.. what say you vendor folks?
<http://www.kb.cert.org/vuls/id/472363>
"IPv6 implementations insecurely update Forward Information Base"
Looks like you can reply with "Yea, I'm that neighbor, send traffic over
there ->"
This looks like it's also discussed (according to cert) in: RFC 3756
and... looks like a problem that can't be immediately solved without some
changes to ND? Since it's a local LAN issue unless your local LAN is
compromised/made-up-of-compromised-hosts things should be good, eh?
(low threat... I guess)
-Chris
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list