[LAC-TF] LACTF Digest, Vol 150, Issue 15
Chambi Rene
rene.chambi at cotel.bo
Fri Oct 14 13:20:33 BRT 2016
Distinguido:
Remitir a este otro correo Gerencia de Planificacion y Proyectos (resp. Ing.
Rene Chambi)
gracias
Atte
Rene Chambi
-----Mensaje original-----
De: LACTF [mailto:lactf-bounces at lacnic.net] En nombre de
lactf-request at lacnic.net
Enviado el: Miércoles, 28 de Septiembre de 2016 11:00 a.m.
Para: lactf at lacnic.net
Asunto: LACTF Digest, Vol 150, Issue 15
Send LACTF mailing list submissions to
lactf at lacnic.net
To subscribe or unsubscribe via the World Wide Web, visit
https://mail.lacnic.net/mailman/listinfo/lactf
or, via email, send a message with subject or body 'help' to
lactf-request at lacnic.net
You can reach the person managing the list at
lactf-owner at lacnic.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of LACTF digest..."
Today's Topics:
1. Platicas sobre IPv6 en #LACNIC26 #LACNOG16
(Azael Fernandez Alcantara)
2. Re: Fwd: CVE-2016-1409: IPv6 Neighbor Discovery Crafted
Packet Denial of Service Vulnerability (Ivan Chapero)
----------------------------------------------------------------------
Message: 1
Date: Tue, 27 Sep 2016 16:03:04 -0500
From: Azael Fernandez Alcantara <afaza at unam.mx>
To: GT IPv6 LAC / LAC IPv6 TF <lactf at lacnic.net>
Subject: [LAC-TF] Platicas sobre IPv6 en #LACNIC26 #LACNOG16
Message-ID:
<alpine.LFD.2.00.1609271557230.2857 at pine.servidores.unam.mx>
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Buen Dia,
Manana miercoles 28, platicas sobre IPv6 en #LACNIC26 #LACNOG16 ,
desde las 9 am (UTC/GMT -6)
http://www.lacnic.net/en/web/eventos/lacnic26-agenda-lacnog
En vivo:
http://www.lacnic.net/web/eventos/lacnic26-webcast
http://www.lacnic.net/en/web/eventos/lacnic26-webcast
http://www.lacnic.net/pt/web/eventos/lacnic26-webcast
SALUDOS
_________________________________________________________________
Azael Fernandez Alcantara
Moderador del FLIP6 y de la lista LACTF
https://twitter.com/LACTF
_________________________________________________________________
Mensaje enviado sin acentos
------------------------------
Message: 2
Date: Wed, 28 Sep 2016 00:06:12 -0300
From: Ivan Chapero <info at ivanchapero.com.ar>
To: lactf at lac.ipv6tf.org
Subject: Re: [LAC-TF] Fwd: CVE-2016-1409: IPv6 Neighbor Discovery
Crafted Packet Denial of Service Vulnerability
Message-ID:
<CAPQhFbcfaZ4EsL6pBeJHwU=GN8wWYA=XgpvG=yJnW+vRNmCg3w at mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hola,
Juniper veo que liber? ayer por lo menos para la rama recomendada en los MX
un fix.
En CISCO veo que sigue en categor?a de bug y con un workaround manual
basado en ACL:
https://quickview.cloudapps.cisco.com/quickview/bug/CSCva94139
??Saludos.
2016-08-15 15:04 GMT-03:00 Azael Fernandez Alcantara <afaza at unam.mx>:
> Buen Dia,
>
> Tambien puede servir lo comentado en la sig. liga:
>
> https://www.insinuator.net/2016/05/cve-2016-1409-ipv6-ndp-
> dos-vulnerability-in-cisco-software/
>
>
> SALUDOS
> _______
> Azael
> ____________________________
> Mensaje enviado sin acentos
>
>
>
> On Sun, 14 Aug 2016, Fernando Gont wrote:
>
> FYI.
>>
>> Aparentemente, algunos dispositivos no descartan los paquetes de ND
>> recibidos cuando el Hop Limit != 255.
>>
>> Esto, sumado a que implementar "ARP" sobre IP (como es el caso de ND)
>> permite que dicho trafico sea ruteable, lleva a cosas como estas.
>>
>> En fin...
>>
>>
>> -------- Forwarded Message --------
>> Subject: CVE-2016-1409: IPv6 Neighbor Discovery Crafted Packet Denial of
>> Service Vulnerability
>> Date: Wed, 10 Aug 2016 17:52:16 +0000
>> From: Suresh Krishnan <suresh.krishnan at ericsson.com>
>> To: IETF IPv6 Mailing List <ipv6 at ietf.org>, IPv6 Operations
>> <v6ops at ops.ietf.org>, 6man-chairs at ietf.org <6man-chairs at ietf.org>,
>> v6ops-chairs at ietf.org <v6ops-chairs at ietf.org>
>>
>> Hi all,
>> I have been notified about this vulnerability and have been asked
>> whether this is due to an issue with the IPv6 protocol specifications.
>> At first glance, I have a hard time seeing how this attack is possible
>> on any compliant RFC4861 implementation given that the 255 Hop Limit
>> check would drop any remote attack packets. If someone on the 6man/v6ops
>> mailing lists has further info, can you please contact me off-list. My
>> goal is to figure out if there is any protocol work or operational
>> guidance needed from the IETF side.
>>
>> More info:
>>
>> This is the CVE list entry in question
>>
>> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1409
>>
>> The Cisco security advisory
>>
>> https://tools.cisco.com/security/center/content/CiscoSecurit
>> yAdvisory/cisco-sa-20160525-ipv6
>>
>> The Juniper knowledge base entry
>>
>> https://kb.juniper.net/InfoCenter/index?page=content&id=
>> JSA10749&cat=SIRT_1&actp=LIST
>>
>> Thanks
>> Suresh
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6 at ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
>> _______________________________________________
>> LACTF mailing list
>> LACTF at lacnic.net
>> https://mail.lacnic.net/mailman/listinfo/lactf
>> Cancelar suscripcion: lactf-unsubscribe at lacnic.net
>>
>> _______________________________________________
> LACTF mailing list
> LACTF at lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lactf
> Cancelar suscripcion: lactf-unsubscribe at lacnic.net
>
--
*Ivan Chapero?rea T?cnica y Soporte*
Fijo: 03464-470280 (interno 535) | M?vil: 03464-155-20282 | Skype ID:
ivanchapero
--
GoDATA Banda Ancha - CABLETEL S.A. | Av. 9 de Julio 1163 - 2183 - Arequito
- Santa Fe - Argentina
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://mail.lacnic.net/pipermail/lactf/attachments/20160928/1d71ba3c/attac
hment-0001.html>
------------------------------
Subject: Digest Footer
_______________________________________________
LACTF mailing list
LACTF at lacnic.net
https://mail.lacnic.net/mailman/listinfo/lactf
Cancelar suscripcion: lactf-unsubscribe at lacnic.net
------------------------------
End of LACTF Digest, Vol 150, Issue 15
**************************************
More information about the LACTF
mailing list