Be aware of SLAAC adresses
Jérôme Nicolle
jerome at ceriz.fr
Wed Jun 8 10:29:29 UTC 2011
Hi !
To all contributors to this wonderful IPv6 day, juste a short notice :
please avoid SLAAC adresses on your public servers !
First, in case of an hardware crash, the recovery will be done under
presure and most will forget about forcing the new server's mac adress
to the old one, wich will delay the recovery
Second, it's beeing a little too transparent as the MAC adress may
reveal the server's manufacturer, approximate manufacturing tdate, or
the network controler model. Some may use it as a clue to design a
proper exploit...
Just a nightly thought while monitoring seen IPv6 adresses ;)
--
Jérôme Nicolle
More information about the NANOG
mailing list