W dniu 27.01.2026 o 21:55, Patrick M. Hausen pisze:
HI all,
Am 27.01.2026 um 21:46 schrieb Marek Zarychta <[email protected]>:
To narrow the impact, I suggest switching to the MAC address as the default key
source instead of the interface name.
If I read the relevant RFC correctly the main argument for stable addresses in
contrast to
traditional EUI-64 is the narrowing of the search space in sweep scan attacks.
Because the OUIs which make up half of the order of magnitude are well known.
Isn't that the case, too, if we start with the MAC address and the hash
algorithm
by which the final address is generated is public?
Kind regards,
Patrick
As far as I know, this is not possible with current computing platforms,
and it would probably require prolonged observation of the same host
across different subnets.
On the other hand, we still have EUI-64–based link-local addresses.
Although they are not exposed to the Internet, they remain a concern.
--
Marek Zarychta
