the presentation: May 4th,
2014
9th Network Security Event for Latin America and the Caribbean
(LACSEC 2014)
Chair
Fernando Gont (SI6 Networks/UTN-FRH, Argentina)
Evaluation Committee
Iván Arce (Fundación Sadosky, Argentina)
Carlos A. Ayala Rocha (Arbor Networks, Mexico)
Julio César
paths are
selected based on the value of a number of variables.
Configuration file is dynamically generated, with the right path
to the oui.txt file.
= CHANGELOG =
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25
organizers, and
Enno Rey, for the warm reception, and the great time.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
-privacy-addresses-07.
This proposal is key for the mitigation of address-scanning attacks,
while at the same time preventing host-tracking.
Stay tuned for more IPv6 security news on our Twitter account:
@SI6Networks
Thanks!
Best regards,
Fernando Gont
- Original Message
,
please check the security conferences we will be attending this year
http://www.si6networks.com/index.html#conferences.
As always, you can follow us on Twitter to get the latest news about
IPv6 security: @SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg
the
ipv6hackers mailing list:
http://www.si6networks.com/community/mailing-lists.html.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
systems across networks, even if they employ the
so-called Privacy Address (and yes, that includes Microsoft Windows
systems).
Thanks,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE
.
IMPORTANT DATES
* Deadline for proposal submission: March 1st, 2013
* Notification of acceptance: March 11st, 2013
* Deadline for submitting the final version the presentation: May 5th,
2012
8th Network Security Event for Latin America and the Caribbean
(LACSEC 2013)
Chair
Fernando Gont (SI6
of Linux, FreeBSD,
NetBSD, OpenBSD, and Mac OS X.
Please send any bug reports and/or feature requests to
fg...@si6networks.com.
As always, you can get the latest news on IPv6 security research and
tools by following us on Twitter: @SI6Networks.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e
-lists.html -- feel free
to join -- it's a low-noise and very focused list.
P.S.: Please do read the scan6 manual page before using the tool .. you
might cause trouble to the target network and/or to your own network.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP
,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJRARJhAAoJEK4lDVUdTnSS8WUQAIqZ7hw4LZxEafwStMHaKBi0
/xa3WJH/tbwpzuZrMkNwo6fyfUIaJuQnjIT0HNnYWpRIO
.
IMPORTANT DATES
* Deadline for proposal submission: March 1st, 2013
* Notification of acceptance: March 11st, 2013
* Deadline for submitting the final version the presentation: May 5th,
2012
8th Network Security Event for Latin America and the Caribbean
(LACSEC 2013)
Chair
Fernando Gont (SI6
Implications of IPv6 Fragmentation with IPv6
Neighbor Discovery
URL:
http://www.ietf.org/internet-drafts/draft-ietf-6man-nd-extension-headers-02.txt
Thanks,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
perform an assessment of your
implementation with respect to the identified issues.
Thanks!
Best regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
--
Fernando Gont
SI6 Networks
e-mail: fg
://www.si6networks.com
And yes, you can follow us on Twitter: @SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
, slideware, videos, and other materials
about IPv6 security at our web site: http://www.si6networks.com
And yes, you can follow us on Twitter: @SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E
://www.hackingipv6networks.com/upcoming-t, and
currently includes trainings in Ghent (Belgium), Lisbon (Portugal), and
Rio de Janeiro (Brazil).
Please follow us on Twitter to get the latest news about the IPv6
Toolkit and IPv6 security: @SI6Networks
Thanks!
Best regards,
--
Fernando Gont
SI6
trainings http://www.hackingipv6networks.com/upcoming-t
Follow us on twitter: @SI6Networks
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU
...
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
on twitter: @SI6Networks
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJP8kDSAAoJEK4lDVUdTnSSm18QAJng/bbmhdOUXxZx26pf9kIr
, it's a human-readable version of the IETF Internet-Draft I
published a month ago or so about IPv6 host scanning (see:
http://www.si6networks.com/presentations/ietf.html))
Cheers,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55
Folks,
FWIW, the full article is available at the URL below (you don't need to
subscribe... just scroll the window down).
CHeers,
Fernando
On 06/08/2012 07:32 AM, Fernando Gont wrote:
Folks,
TechTarget has published an article I've authored for them, entitled
Analysis: Vast IPv6 address
in the article does it say anything about vast address
space... enables attacks?
The title and the article don't match.
I might agree. The title was changed pre-publication. -- My original
title was something along the lines of Host scanning in IPv6 networks.
Cheers,
--
Fernando Gont
SI6 Networks
e
, draft-gont-opsec-ipv6-nd-shield-00.txt has been
successfully submitted by Fernando Gont and posted to the IETF repository.
Filename:draft-gont-opsec-ipv6-nd-shield
Revision:00
Title: Neighbor Discovery Shield (ND-Shield): Protecting against
Neighbor Discovery Attacks
? -- Follow us on Twitter: @SI6Networks
Thanks,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJPvIk7AAoJEK4lDVUdTnSSe3sP/AxzLHwfKyC4Yg
Report -- Carlos Ayala (Arbor Networks)
IPv6 Network Reconnaissance -- Fernando Gont (SI6 Networks)
Invited talk: RPKI: Experiences after one year of operation, and next
steps -- Carlos Martinez (LACNIC) Arturo Servin (LACNIC)
Additionally, LACSEC 2012 will feature a slot for Lightning Talks
implications of native IPv6
support and IPv6 transition/co-existence technologies on IPv4-only
networks, and describes possible mitigations for the aforementioned
issues.
cut here
Any feedback will be very welcome.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg
... but hopefully a good
starting point, and a nice reading ;-) ).
Thanks!
P.S.: Public discussion mostly welcome on the IPv6 hackers mailing-list
http://lists.si6networks.com/listinfo/ipv6hackers/, but I'd be happy
to discuss it here, too.
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg
at:
http://www.si6networks.com/presentations/index.html
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
___
Full-Disclosure - We believe
.
cut here
Interested in IPv6 security? -- Follow us on Twitter: @SI6Networks
Interested in discussing IPv6 security topics? -- Join the ipv6hackers@
mailing-list at: http://www.si6networks.com/community/mailing-lists.html
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg
: internet-dra...@ietf.org
To: fg...@si6networks.com
A new version of I-D, draft-gont-6man-predictable-fragment-id-01.txt has
been successfully submitted by Fernando Gont and posted to the IETF
repository.
Filename:draft-gont-6man-predictable-fragment-id
Revision:01
Title
Folks,
FYI, just posted:
http://blog.si6networks.com/2012/02/ipv6-nids-evasion-and-improvements-in.html
It contains some test results regarding the implementation of RFC 5722
and draft-ietf-6man-ipv6-atomic-fragments.
Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP
Folks,
FYI, we've published a new IETF I-D entitled Security and
Interoperability Implications of Oversized IPv6 Header Chains.
The I-D is available at:
http://tools.ietf.org/id/draft-gont-6man-oversized-header-chain-00.txt
Any feedback will be very welcome.
Thanks,
--
Fernando Gont
SI6
Folks,
FYI. (the RFC is available at: http://www.rfc-editor.org/rfc/rfc6528.txt)
A new Request for Comments is now available in online RFC libraries.
RFC 6528
Title: Defending against Sequence Number Attacks
Author: F. Gont, S. Bellovin
Status:
...@ietf.org, and CC me if possible.
Thanks!
Best regards,
Fernando
Original Message
Subject: RA-Guard: Advice on the implementation (feedback requested)
Date: Wed, 01 Feb 2012 21:44:29 -0300
From: Fernando Gont fg...@si6networks.com
Organization: SI6 Networks
To: IPv6
...@ietf.org, and CC me if possible.
Thanks!
Best regards,
Fernando
Original Message
Subject: RA-Guard: Advice on the implementation (feedback requested)
Date: Wed, 01 Feb 2012 21:44:29 -0300
From: Fernando Gont fg...@si6networks.com
Organization: SI6 Networks
To: IPv6
* Deadline for proposal submission: February 15th, 2012
* Notification of acceptance: February 27th, 2012
* Deadline for submitting the final version the presentation: May 6th, 2012
7th Network Security Event for Latin America and the Caribbean
(LACSEC 2012)
Chair
Fernando Gont (SI6 Networks/UTN
.: The whole article is available online, and you can read it even
without registering... just scroll the web page...
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
, a discussion of possible
issues with SEND as a result of IPv6 fragmentation.
Any feedback will be very appreciated.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
and
employed in the IPv4 world.
Any feedback will be greatly appreciated. -- If possible, send your
feedback to: v6...@ietf.org (the relevant IETF mailing-list), and CC'me.
Follow Us on Twitter: @SI6Networks
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP
Follow Us on twitter: SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
.
Any feedback will be really appreciated.
P.S.: Also, feel free to discuss the I-D on the ipv6hackers mailing-list
http://lists.si6networks.com/listinfo/ipv6hackers/
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25
-lists.html.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJOybnrAAoJEK4lDVUdTnSSL+IP/1tzwbRp/ZNpfnJMXh4/1G8g
-ipv6-networks.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
(during DEEPSEC 2011). Please check out the details at
http://www.si6networks.com/index.html#conferences.
Thanks!
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
Web: www.si6networks.com | Twitter: @SI6Networks
to join the IPv6 Hackers
mailing-list: http://www.si6networks.com/community/mailing-lists.html
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http://www.si6networks.com
___
Full-Disclosure - We believe
we will have some
discussion about that over there.
Yep... will post something right now, and see if that triggers discussion.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http://www.si6networks.com
post, curiously enough the problem statement
(RFC6104) is about accidental RAs, while the RA-Guard spec itself aims
to be a security device.
Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http://www.si6networks.com
___
Full
://lists.si6networks.com/listinfo/ipv6hackers/
General information about our mailing-lists is available at:
http://www.si6networks.com/community/mailing-lists.html
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http://www.si6networks.com
your post, I must admit :-) --
particularly when at least half of the stuff that usually gets published
about IPv6 security has to do with how the mandatory-ness of IPsec is
going to save us all. :-)
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http
examples.
Thanks!
Best regards,
--
Fernando Gont
Hacking IPv6 Networks Security Trainings
e-mail: fg...@hackingipv6networks.com
web: http://www.hackingipv6networks.com
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Folks,
The IETF has just published RFC 6274, entitled Security Assessment of
the Internet Protocol Version 4. It contains a large amount of
information on how to improve the security of IPv4 implementations and
IPv4 deployments.
This document is the
be
cooperating more between each other regarding IPv6 security
Thanks,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We believe in it.
Charter: http
/mailman/listinfo/ipv6).
Thanks!
Best regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
://www.cpni.gov.uk/Documents/Publications/2011/2011mar22-infosec-cpni_viewpoint_security_implications_of_IPv6.pdf
Best regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org PGP
Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
* Deadline for submitting the final version the presentation: May 9th, 2011
“6th Network Security Event for Latin America and the Caribbean” (LACSEC
2011)
Chair
Fernando Gont (UTN/FRH, Argentina)
Evaluation Committee
Eduardo Carozo (Amparo Project, Uruguay)
Lorena Ferreyro (Independent
port
numbers). This memo documents an Internet Best Current Practice.
cut here
The RFC is available at: http://www.rfc-editor.org/rfc/rfc6056.txt
P.S.: Below you'll find the formal announcement sent out by the RFC Editor.
Thanks!
Best regards,
Fernando Gont
Original Message
PM, Fernando Gont fernando.g...@gmail.com wrote:
Folks,
I thought you might enjoy the slides of a talk about IPv6 security I
gave last week at LACNOG (http://www.lacnog.org). The slides are
available at:
http://www.gont.com.ar/talks/lacnog2010/fgont-lacnog2010-ipv6-security.pdf
://www.lacnog.org/en/meetings/lacnog-2010/agenda-lacnog-2010)
Thanks!
Kind regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We believe
Hi,
I'm curious if anybody is aware of the details of the IPv6 DoS
vulnerabilities listed in the aforementioned advisory (available at:
http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml).
Thanks!
Kind regards,
Fernando
___
.txt
Thanks,
Fernando Gont
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
generation one).
P.S.: Related technical reports, presentations and stuff available at:
http://www.gont.com.ar
Thanks!
Kind regards,
Fernando Gont
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
of the Internet Protocol that I wrote for CPNI a couple of
years ago, and that is available at:
http://www.cpni.gov.uk/Docs/InternetProtocol.pdf
Any comments will be more than welcome! -- feel free to post them
here, or send them unicast to me at: ferna...@gont.com.ar
Thanks!
Kind regards,
Fernando Gont
.
Thanks!
Kind regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
On Fri, Nov 27, 2009 at 1:59 AM, Ivan Security ivanch...@gmail.com wrote:
Has anyone more details about this vulnerability?. The advisory just say:
The vulnerability exists due to the TCP/IP stack not cleaning up state
information correctly. This causes the TCP/IP stack to reference a field as
Please check again. They links do work.
On Fri, Jun 26, 2009 at 3:41 PM, Hal Wigodahwig...@mindspring.com wrote:
sorry, but the links do not work.
On Jun 25, 2009, at 11:28 PM, Fernando Gont wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello, folks,
In February this year
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello, folks,
In February this year the UK CPNI published the document Security
Assessment of the Transmission Control Protocol (TCP) (available at:
http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf)
Earlier this year we published
it to
the mailing-list, even if you are not subscribed to it. (Alternatively,
you can send me your input, and I could forward it to the t...@ietf.org
mailing-list).
Thanks!
Kind regards,
- --
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE
of the document on my personal web
site: http://www.gont.com.ar
Any comments will be more than welcome.
Kind regards,
- --
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
-BEGIN PGP SIGNATURE-
Version: GnuPG
(although your message will be held for moderator approval before
it is distributed to the list members).
The deadline for posting your opinion is January 9th (next Friday).
Thanks so much!
Kind regards,
Fernando Gont
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.5.3 (Build 5003
(although your message will be held for moderator approval before
it is distributed to the list members).
The deadline for posting your opinion is January 9th (next Friday).
Thanks so much!
Kind regards,
Fernando Gont
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.5.3 (Build 5003
a better port reuse frequency
that even the traditional BSD port selection algorithm, thus probably
avoiding some collisions that you would have experienced with the
traditional BSD port selection algorithm.
Thanks!
Kind regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP
At 04:50 p.m. 01/09/2008, coderman wrote:
On Sun, Aug 31, 2008 at 10:44 PM, Fernando Gont
[EMAIL PROTECTED] wrote:
... IETF Internet-Draft about port randomization...
wget -qO -
http://www.gont.com.ar/drafts/port-randomization/draft-ietf-tsvwg-port-randomization-02.txt
| grep -i grsec
At 11:15 a.m. 02/09/2008, coderman wrote:
On Tue, Sep 2, 2008 at 2:06 AM, Fernando Gont [EMAIL PROTECTED] wrote:
... there's no description of what Windows does
some things speak for themselves... :)
What speaks for itself?
Our work is a proposal for a few alternatives for doing port
the identified issues get documented in an
official IETF document, and hopefully the IETF standards are modified as
necessary.
Any feedback on the IETF I-D and/or the original UK CPNI document will be
more than welcome.
Thanks!
Kind regards,
Fernando Gont
-BEGIN PGP SIGNATURE-
Version
will be more than welcome.
Thanks!
Kind regards,
- --
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.5.3 (Build 5003) - not licensed for commercial
use
will be more than welcome.
Thanks!
Kind regards,
- --
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.5.3 (Build 5003) - not licensed for commercial
use
comments on grsecurity's approach for port randomization?
Thanks,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We believe in it.
Charter: http
is available at CPNI's web site:
http://www.cpni.gov.uk/Products/technicalnotes/3677.aspx
Any comments will be more than welcome.
Kind regards,
Fernando Gont
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.5.3 (Build 5003) - not licensed for commercial
use: www.pgp.com
wsBVAwUBSKSBzGl
comments we receive in the next few weeks.
Thanks,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We believe in it.
Charter: http
On Dec 9, 2007 2:20 AM, reepex [EMAIL PROTECTED] wrote:
~$ grep -i grsec draft-ietf-tsvwg-port-randomization-00.txt
~$
as stated by the last person its very strange you do not mention grsecurity
in your
Survey of the algorithms in use by some popular implementations
Well, it's just *some*
: SHA1
Strangely enough this stuff exists for more than 3 years ... Think GRSEC
and more specifically Network stack randomization.
Well of course bow to IETF for accepting this for draft ...
Fernando Gont wrote:
Folks,
We have published a revision of our port randomization paper
will be welcome.
The document is available at:
http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-port-randomization-00.txt
Additionally, it is available in other fancy formats (PDF and HTML)
at: http://www.gont.com.ar/drafts/port-randomization/index.html
Thanks,
--
Fernando Gont
e-mail: [EMAIL
.
Kind regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
free to post your comments/questions on-list or send them
off-list to : [EMAIL PROTECTED]
Thanks,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
___
Full-Disclosure - We
should go to /dev/null.
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
At 04:08 p.m. 05/09/2005, alex wrote:
Russian version (22.08.2005, with some analysis):
http://www.securitylab.ru/contest/239695.php
IIRC, those Cisco products that are not vulnerable to the PMTU just don't
implement PMTUD, right?
___
be sent to /dev/null.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
, and is hosted on an OpenBSD server.
If your bored, go and get a book. Belive me: it won't bite you.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk
here continues to be ignored.
If I were any of the involved organizations/companies, I'd certainly pay
people to do the same thing you're doing: adding non-sensical noise.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED
harm than
good?).
And have the specs address these issues. That's the real and final fix for
these issues.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
, and make your
vendor understand it and fix them, and get involved to have the IETF specs
address these issues.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http
you do? Where do you draw the line in the sand?
Again and again: Read the draft at
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
It fixes the problem without having to draw any line.
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED
attack you with IP fragments.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
you these attacks were not easy to
perform, and show them the packet traces you obtain.
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
/icmp-attacks-against-tcp.html
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
At 07:25 p.m. 20/07/2005, Darren Reed wrote:
In some mail from Fernando Gont, sie said:
The IPv4 minimum MTU is 68, and not 576. If you blindly send packets
larger
than 68 with the DF bit set, in the case there's an intermmediate with an
MTU lower that 576, the connection will stall
. It also needs to be
enforced when the MTU parameter is checked in ICMP need frag
packets.
So I must assume this e-mail discusses a blind ICMP-based attacks?
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We
a formula
than to master a principle.
- James Clerk Maxwell
Kindest regards,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
100 matches
Mail list logo