A new Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IPv6 Operations Working Group of the IETF.
Title : Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard)
Author(s) : F. Gont
Filename : draft-ietf-v6ops-ra-guard-implementation
Pages : 19
Date : Oct. 29, 2012
The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly
employed to mitigate attack vectors based on forged ICMPv6 Router
Advertisement messages. Many existing IPv6 deployments rely on RA-
Guard as the first line of defense against the aforementioned attack
vectors. However, some implementations of RA-Guard have been found
to be prone to circumvention by employing IPv6 Extension Headers.
This document describes the evasion techniques that affect the
aforementioned implementations, and formally updates RFC 6105, such
that the aforementioned RA-Guard evasion vectors are eliminated.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-ra-guard-implementation-05.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-v6ops-ra-guard-implementation>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
