On Jul 28, 2014, at 7:30 AM, Ted Lemon <[email protected]> wrote:
> On Jul 28, 2014, at 9:52 AM, Simon Perreault <[email protected]> wrote: >> Dan didn't say "broken", he said "attacker-controlled", possibly (my guess) >> thinking of the infamous "SLAAC attack" [*]. Happy eyeballs is useless here. > > This is the MiTM attack I referred to in the previous message. If you are > not using secure protocols, you are always vulnerable to MiTM. Considering RA Guard (RFC6105) and DHCP guard are necessary, so I don't see draft-ietf-sunset4-noipv4 creating a *new* risk. I agree improving security of RA and DHCP (e.g., draft-ietf-dhc-sedhcpv6) are helpful, but in the intervening days between today and ubiquitous availability of deployable and secure RA and DHCP, a responsible network needs to block spoofed router advertisements from non-routers and prevent DHCP spoofing from non-DHCP servers. Simon bought up an interesting point that an attacker abusing NOIPV4 needs only send a few packets and would have a lasting impact. The attacker need not stay on the network to have a lasting impact. -d _______________________________________________ sunset4 mailing list [email protected] https://www.ietf.org/mailman/listinfo/sunset4
