Date: Sun, 20 Jul 2014 02:04:10 -0700 From: Loganaden Velvindron <logan@elandsys.com> To: freebsd-net@freebsd.org Cc: gnn@freebsd.org, bz@freebsd.org Subject: IPv6 nodeinfo default behaviour Message-ID: <20140720090410.GA7990@mx.elandsys.com>
next in thread | raw e-mail | index | archive | help
Hi guys, OpenBSD recently removed support for RFC 4620 from their kernel completely. The default value is 3 in FreeBSD. According to the RFC: Security Considerations This protocol shares the security issues of ICMPv6 that are documented in the "Security Considerations" section of [5]. This protocol has the potential of revealing information useful to a would-be attacker. An implementation of this protocol MUST have a default configuration that refuses to answer queries from global- scope [3] addresses. I suggest that we switch to 0 by default to be more RFC compliant. Before I send the patch, I would like to get feedback. Kind regards, //Logan C-x-C-c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140720090410.GA7990>