Question re session hijacking in dual stack environments w/MacOS

Mark Tinka mark.tinka at seacom.mu
Wed Oct 7 14:42:25 UTC 2015


On 2/Oct/15 07:46, Doug McIntyre wrote:

> I suspect this is OSX implementing IPv6 Privacy Extensions. Where OSX
> generates a new random IPv6 address, applies it to the interface, and then
> drops the old IPv6 addresses as they stale out. Sessions in use or not.
>
> sudo sysctl -w net.inet6.ip6.use_tempaddr=0
>
> sudo sh -c 'echo net.inet6.ip6.use_tempaddr=0 >> /etc/sysctl.conf'

Interesting. Thanks, Doug.

I just upgraded to El Capitan, so I'll see if there are any changes in
that when I'm back in the office, and then look at your suggestion if
not. Thanks.

Mark.



More information about the NANOG mailing list