[AfrIPv6-Discuss] "Measuring IPv6 resilience and security"

Willy Manga mangawilly at gmail.com
Mon May 4 10:24:56 UTC 2020

Previous message: [AfrIPv6-Discuss] Participez au webinaire d'AFRINIC - Comment créer le plan d'adressage idéal
Next message: [AfrIPv6-Discuss] Cloud Innovation Displays Very Poor, If Not Criminal, Netizenship
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Worth reading

https://ris.utwente.nl/ws/portalfiles/portal/83243381/thesis_L_Hendriks.pdf

I quote a section of their conclusion:

"While we did not observe any attacks specific to the new protocol
itself, we found misconfigured systems to be a common problem. In the
DNS for example,incorrect AAAA records render thousands of services that
are perfectly reachableover IPv4, unreachable over IPv6. Another
example are firewalls, that are often incorrectly configured to handle
traffic containing Extension Headers, resulting in the possibility to
bypass that firewall. This means SSH daemons, used to remotely
configure hosts and devices behind that firewall, are suddenly
reachable,thus imposing a security risk."

--
Willy Manga
@ongolaboy
https://ongola.blogspot.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.afrinic.net/pipermail/afripv6-discuss/attachments/20200504/8cd664a5/attachment.sig>

Previous message: [AfrIPv6-Discuss] Participez au webinaire d'AFRINIC - Comment créer le plan d'adressage idéal
Next message: [AfrIPv6-Discuss] Cloud Innovation Displays Very Poor, If Not Criminal, Netizenship
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the AfrIPv6-Discuss mailing list