0day Windows Network Interception Configuration Vulnerability

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Apr 4 16:14:56 UTC 2011

On Mon, 04 Apr 2011 08:46:22 PDT, "andrew.wallace" said:
> Someone has recently post to a mailing list: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080096.html

*yawn* No news, move along, nothing to see.  RFC4862, section 6:

   The use of stateless address autoconfiguration and Duplicate Address
   Detection opens up the possibility of several denial-of-service
   attacks.  For example, any node can respond to Neighbor Solicitations
   for a tentative address, causing the other node to reject the address
   as a duplicate.  A separate document [RFC3756] discusses details
   about these attacks, which can be addressed with the Secure Neighbor
   Discovery protocol [RFC3971].  It should also be noted that [RFC3756]
   points out that the use of IP security is not always feasible
   depending on network environments.

Note that similar text was present in RFC2462, all the way back in Dec 1998.

So somebody's 13 years late to the party.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110404/4cec66f7/attachment.sig>

More information about the NANOG mailing list