[LACNIC/Seguridad] Nuevo IETF I-D: ND-Shield (Fwd: New Version Notification for draft-gont-opsec-ipv6-nd-shield-00.txt)

Fernando Gont fgont en si6networks.com
Mar Jun 5 10:16:57 BRT 2012


Acabo de publicar un nuevo IETF I-D, titulado "Neighbor Discovery Shield
(ND-Shield): Protecting against Neighbor Discovery Attacks". El mismo
es, tal vez, la ultima pieza del rompecabezas en materia de mitigación
de ataques basados en Neighbor Discovery.

El I-D en cuestión está disponible en:

La sección "DISCLAIMER" plantea algunos temas generales sobre los que
apreciaría comentarios.

Saludos cordiales, y gracias!

-------- Original Message --------
Subject: New Version Notification for draft-gont-opsec-ipv6-nd-shield-00.txt
Date: Tue, 05 Jun 2012 06:05:24 -0700
From: internet-drafts en ietf.org
To: fgont en si6networks.com

A new version of I-D, draft-gont-opsec-ipv6-nd-shield-00.txt has been
successfully submitted by Fernando Gont and posted to the IETF repository.

Filename:	 draft-gont-opsec-ipv6-nd-shield
Revision:	 00
Title:		 Neighbor Discovery Shield (ND-Shield): Protecting against
Neighbor Discovery Attacks
Creation date:	 2012-06-05
WG ID:		 Individual Submission
Number of pages: 22

   This document specifies a mechanism that can be implemented in
   layer-2 devices to mitigate attack vectors based on Neighbor
   Discovery messages.  It is meant to complement other mechanisms
   implemented in layer-2 devices such as Router Advertisement Guard
   (RA-Guard) and DHCPv6-Shield, with the goal of achieving a
   comprehensive IPv6 First Hop Security solution.  This document is
   motivated by the desire to achieve feature parity with IPv4 with
   respect to First Hop Security mechanisms.

The IETF Secretariat

Más información sobre la lista de distribución Seguridad