Hi, I'd be interested if people think the idea has merit, and is worth putting more time into.
Thanks very much, Mark. ----- Forwarded Message ----- > From: "internet-dra...@ietf.org" <internet-dra...@ietf.org> > To: markzzzsm...@yahoo.com.au > Cc: > Sent: Sunday, 7 October 2012 11:41 AM > Subject: New Version Notification for > draft-smith-6man-mitigate-nd-cache-dos-slnd-00.txt > > > A new version of I-D, draft-smith-6man-mitigate-nd-cache-dos-slnd-00.txt > has been successfully submitted by Mark Smith and posted to the > IETF repository. > > Filename: draft-smith-6man-mitigate-nd-cache-dos-slnd > Revision: 00 > Title: Mitigating IPv6 Router Neighbor Cache DoS Using Stateless > Neighbor Discovery > Creation date: 2012-10-07 > WG ID: Individual Submission > Number of pages: 9 > URL: > http://www.ietf.org/internet-drafts/draft-smith-6man-mitigate-nd-cache-dos-slnd-00.txt > Status: > http://datatracker.ietf.org/doc/draft-smith-6man-mitigate-nd-cache-dos-slnd > Htmlized: > http://tools.ietf.org/html/draft-smith-6man-mitigate-nd-cache-dos-slnd-00 > > > Abstract: > The IPv6 neighbor discovery cache is vulernable to a Denial of > Service attack that purposely exhausts the state used during the > neighbor discovery address resolution process. This can be very > disruptive when a router is successfully attacked. > > This memo proposes a stateless form of neighbor discovery to be used > by routers to eliminate the opportunity for this DoS attack. This > method of stateless neighbor discovery would be used for unknown or > untrusted packet sources, when the router's neighbor cache's state > capacity reaches a medium to high threshold of use. Trusted packet > sources would continue to be provided with traditional stateful > neighbor discovery. > > > > > > > The IETF Secretariat > -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------