[nsp-sec] New IPV6 NDP issue (via cert)
Florian Weimer
fweimer at bfk.de
Thu Oct 9 12:43:42 EDT 2008
* Jens Rosenboom:
> Good news is that you can protect yourself with a properly written
> RE ACL, maybe someone from Juniper might want to update their PSN
> accordingly. I would on the other hand disagree on the risk level
> being low, one nasty host connected to a peering LAN could do a
> lot of harm ...
May it's not just that. Pre-disclosure, I raised the question of the
impact on v6-over-v4 tunnels. But as far as I can tell, no one wanted
to commit to an answer. 8-(
(I'm not an IPv6/BSD stack guy, so I can't figure out myself for sure.)
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list