I-D Action:draft-ietf-v6ops-tunnel-loops-07.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IPv6 Operations Working Group of the IETF.


	Title           : Routing Loop Attack using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations
	Author(s)       : G. Nakibly, F. Templin
	Filename        : draft-ietf-v6ops-tunnel-loops-07.txt
	Pages           : 20
	Date            : 2011-05-06

This document is concerned with security vulnerabilities in IPv6-in-
IPv4 automatic tunnels.  These vulnerabilities allow an attacker to
take advantage of inconsistencies between the IPv4 routing state and
the IPv6 routing state.  The attack forms a routing loop which can be
abused as a vehicle for traffic amplification to facilitate DoS
attacks.  The first aim of this document is to inform on this attack
and its root causes.  The second aim is to present some possible
mitigation measures.  It should be noted that at the time of this
writing there are no known reports of malicious attacks exploiting
these vulnerabilities.  Nonetheless, these vulnerabilities can be
activated by accidental misconfiguarion.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-tunnel-loops-07.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-ietf-v6ops-tunnel-loops-07.txt>
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux