[Attendee] Rogue RA

Michael Sinatra michael at rancid.berkeley.edu
Tue Jun 16 21:20:15 UTC 2009

I mentioned that we often get rogue RAs on wireless networks. 
Conferences are no exception.  As of right now on my laptop (in the :

michael at eth-0-1e-c2-bf-f8-82:~$ ifconfig en1
	inet netmask 0xfffffc00 broadcast
	inet6 fe80::21e:c2ff:febf:f882%en1 prefixlen 64 scopeid 0x6
	inet6 2620::ce0:1:21e:c2ff:febf:f882 prefixlen 64 autoconf
 >>>>	inet6 2002:4bc4:cf11:b:21e:c2ff:febf:f882 prefixlen 64 autoconf
	inet6 fec0::b:21e:c2ff:febf:f882 prefixlen 64 autoconf
	ether 00:1e:c2:bf:f8:82
	media: autoselect status: active
	supported media: autoselect

Fortunately, my default route hasn't (yet) changed so I am not having 
any connectivity problems related to this.

If I have decoded the 6to4 address properly, the RAs are being announced 
by the host with IPv4 address, which is a Verizon Wireless 
data IP address.  If this is you, can you please turn off connection 
sharing while you're in the conference area?  Also, I wouldn't mind 
learning more about your configuration (if you're willing to chat) so 
that I can replicate it in the lab.  I am testing various defenses 
against rogue RAs.


More information about the Attendee mailing list