Question re session hijacking in dual stack environments w/MacOS
merlyn at geeks.org
Fri Oct 2 11:58:43 UTC 2015
On Fri, Oct 02, 2015 at 03:46:40AM -0400, Valdis.Kletnieks at vt.edu wrote:
> On Fri, 02 Oct 2015 00:46:47 -0500, Doug McIntyre said:
> > I suspect this is OSX implementing IPv6 Privacy Extensions. Where OSX
> > generates a new random IPv6 address, applies it to the interface, and then
> > drops the old IPv6 addresses as they stale out. Sessions in use or not.
> Isn't the OS supposed to wait for the last user of the old address to close
> their socket before dropping it?
In my experience, no, it doesn't. I.e., the main reason I disable it is
because my ssh sessions hung after some period of time, so ssh had
sockets open, but yet the IPv6 addresses kept rotating out.
Disabling it definitely made the ssh sessions stable on OSX.
Apple codes to the masses. Average web browser user or mail client
won't care, that is all they test against. Not people that leave ssh
sessions open for days to weeks at a time.