[AfrIPv6-Discuss] "Measuring IPv6 resilience and security"
mangawilly at gmail.com
Mon May 4 10:24:56 UTC 2020
I quote a section of their conclusion:
"While we did not observe any attacks specific to the new protocol
itself, we found misconfigured systems to be a common problem. In the
DNS for example,incorrect AAAA records render thousands of services that
are perfectly reachableover IPv4, unreachable over IPv6. Another
example are firewalls, that are often incorrectly configured to handle
traffic containing Extension Headers, resulting in the possibility to
bypass that firewall. This means SSH daemons, used to remotely
configure hosts and devices behind that firewall, are suddenly
reachable,thus imposing a security risk."
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the AfrIPv6-Discuss