NDP DoS attack
Mikael Abrahamsson
swmike at swm.pp.se
Sun Jul 17 10:59:34 UTC 2011
On Sun, 17 Jul 2011, Florian Weimer wrote:
> Interesting, thnaks. It's not the vendors I would expect, and it's not
> based on SEND (which is not surprising at all and actually a good
> thing).
Personally I think SEND is never going to get any traction.
> Is this actually secure in the sense that it ties addresses to specific
> ports for both sending and receiving? I'm asking because folks have
> built similar systems for IPv4 which weren't. The CLI screenshots look
> good, better than what most folks achieve with IPv4.
As far as I know, it's designed to work securely in an ETTH scenario,
which implies both sending and receiving (if I understood you correctly).
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the NANOG
mailing list