[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 -> MAC multicast address mapping



Thanks for all the replies - the check goes in.
>From a MIB perspective, I guess those should count as "ipv6IfStatsInHdrErrors".

Regards,

-- Nir Arad

----- Original Message ----- 
From: "Christian Huitema" <huitema@windows.microsoft.com>
To: "Ignatios Souvatzis" <ignatios@theory.cs.uni-bonn.de>
Cc: "IPng mailing list" <ipng@sunroof.eng.sun.com>
Sent: Tuesday, July 29, 2003 10:23 PM
Subject: RE: IPv6 -> MAC multicast address mapping


> > I can't think of a way this is a security problem - can you point this
> out
> > please? With the exception that a DOS might be mounted by sending
> packets
> > to the wrong MAC address that are later discarded... But you'll have
> to
> > stop them at the source, not at the receivers, to prevent the DOS.
> 
> There is a class of attacks based on mismatches between MAC and IP
> addressing. For example, if a node is a member of an IP group, it is
> possible to send it a packet where the MAC destination is the unicast
> MAC address of the node, while the IP destination is the group address.
> Or vice versa, send a packet where the MAC destination is a multicast
> address, but the IP destination is a unicast address. Hackers can use
> the first technique to disrupt the operation of multicast groups, and
> the second one to mount some forms of denial of service attacks. These
> attacks require that the attacker be connected on the same link as a
> target, but there are cases such as public access wireless where this
> isn't much of a mitigation. (University dorms are also a great place for
> such attacks.)
> 
> -- Christian Huitema
> 
> 
> --------------------------------------------------------------------
> IETF IPng Working Group Mailing List
> IPng Home Page:                      http://playground.sun.com/ipng
> FTP archive:                      ftp://playground.sun.com/pub/ipng
> Direct all administrative requests to majordomo@sunroof.eng.sun.com
> --------------------------------------------------------------------
> 
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to majordomo@sunroof.eng.sun.com
--------------------------------------------------------------------