15 May
2014
15 May
'14
8:33 p.m.
On 05/15/2014 10:53 AM, Enno Rey wrote:
given current attacks tools (both fake_router from THC-IPV6 and ra6 from the SI6 Networks' toolkit) can easily send packets with spoofed source MAC address, such a tool+list doesn't really help against a "skilled & motivated attacker".
[....]
In general, the "detection/reaction type of tools" (as opposed to a "prevention-oriented" security approach) haven't proven their usefullness too much in the past.
FWIW, I agee with Enno here. Besides, an attacker can always send more packets to counter the ramond' "problem solving" packets. Cheers, -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492