Lew Wolfgang wrote:
On 4/29/23 09:34, Andrei Borzenkov wrote:
On 29.04.2023 18:50, Lew Wolfgang wrote:
By the way, how do you mitigate the rogue RA problem? There's even a RFC about it? (RFC-6104) As mentioned, I've been affected by this at work.
And in our office someone connected an appliance with DHCPv4 server so in the morning nobody could access servers and routers. Where is the difference? If someone has physical access and/or administrator privileges all bets are off.
To prevent it you need to secure your infrastructure and do not allow anyone to access network unauthenticated. But it has nothing to do with IPv4 vs IPv6.
Of course, but on our network a Windows user could, through ignorance, configure her legitimately connect host to advertise a route to a second interface on her machine.
I guess your corporate networking policy is very different to anything I have seen in over thirty years. My wife works for a bank - there is virtually nothing she can do to her laptop.
That's different from malicious intent requiring overt compromise of the physical network. The Rogue Router Advertisement problem was so acute that an RFC was created.
Indeed, so acute it was left to rot ever since. If you have read the RFC (I have now), it is clear there is nothing acute about that issue, it virtually never happens. -- Per Jessen, Zürich (16.4°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes