![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
У меня сегодня день Кассандры:)
IPv6 Routing Header 0 is dangerous.
[...]
An attacker can "amplify" a denial of service attack against a link between
two vulnerable hosts; that is, by sending a small volume of traffic the
attacker can consume a much larger amount of bandwidth between the two
vulnerable hosts.
[...]
NOTE WELL: The solution described below causes IPv6 type 0 routing headers
to be ignored. Support for IPv6 type 0 routing headers can be re-enabled
if required by setting the newly added net.inet6.ip6.rthdr0_allowed sysctl
to a non-zero value.
полностью тут: http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc
как его использовать не по назначению - уже известно.
IPv6 Routing Header 0 is dangerous.
[...]
An attacker can "amplify" a denial of service attack against a link between
two vulnerable hosts; that is, by sending a small volume of traffic the
attacker can consume a much larger amount of bandwidth between the two
vulnerable hosts.
[...]
NOTE WELL: The solution described below causes IPv6 type 0 routing headers
to be ignored. Support for IPv6 type 0 routing headers can be re-enabled
if required by setting the newly added net.inet6.ip6.rthdr0_allowed sysctl
to a non-zero value.
полностью тут: http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc
как его использовать не по назначению - уже известно.
