-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 James Knott wrote:
G T Smith wrote:
Hmm... this not so much a lesson but a failure of service. How many consumer users are actually able to discover this, let alone understand the implications.
Fortunately, with IPv6, the address range is so huge and likely to always be sparsely populated, that pinging on a bunch of addresses, to find a target, will be futile. Attackers will have to intercept an address somehow, to be able to find something to attack.
Who actually uses only numeric addresses to access devices? There is a huge numeric address space but a slightly more specific name space. Broadcast and crawling attacks are also not the only way to glean info on vulnerabilities. If you have a hole is wise to assume that someone will not find and use it? - -- ============================================================================== I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup ============================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAkwMtRsACgkQasN0sSnLmgJgAACfZZ6Ygu4wmdBYV3cqnvigt8A3 8c0An0fPfq8lTrREGRXGF12N+CbQhmvU =K0lc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org