On Thu, 2002-08-22 at 12:18, Jun-ichiro itojun Hagino wrote: > This ambiguity creates chances to malicious party to trick victim nodes. > Here are a couple of examples: How are these any different than with IPv4? I can send bad source addresses in IPv4 just as easily as in IPv6. IPv6 might even make it easier to do, e.g., reverse-path filtering (less prefixes to worry about). Any kernel that takes a packet saying it is from the local host off the wire is broken. Any firewall that allows through a packet from the Internet saying it is from the LAN is broken.
Attachment:
signature.asc
Description: This is a digitally signed message part
