[ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
- Previous message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
- Next message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Fernando Gont
fgont at si6networks.com
Thu May 15 20:33:20 CEST 2014
On 05/15/2014 10:53 AM, Enno Rey wrote: > > given current attacks tools (both fake_router from THC-IPV6 and ra6 > from the SI6 Networks' toolkit) can easily send packets with spoofed > source MAC address, such a tool+list doesn't really help against a > "skilled & motivated attacker". [....] > > In general, the "detection/reaction type of tools" (as opposed to a > "prevention-oriented" security approach) haven't proven their > usefullness too much in the past. FWIW, I agee with Enno here. Besides, an attacker can always send more packets to counter the ramond' "problem solving" packets. Cheers, -- Fernando Gont SI6 Networks e-mail: fgont at si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- Previous message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
- Next message (by thread): [ipv6-wg] Follow-Up on Niall's talk: Ramond (RA Monitoring Daemon)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]