[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 RA-Guard evasion (and neighbor discovery monitoring) vulnerabilities


I've just published two new IETF Internet-Drafts, that document the
problem of RA-Guard evasion, and propose mitigations.

They are two Internet-Drafts:

* "IPv6 Router Advertisement Guard (RA-Guard) Evasion", available at:

* "Security Implications of the Use of IPv6 Extension Headers with IPv6
Neighbor Discovery", available at:

The motivation for publishing these documents now (and not earlier or
later) is discussed in the first I-D. ;-)

Any comments on these documents will be more than welcome.

P.S.: In case you are not already doing it, please consider
participating in the relevant IETF working groups (v6ops and 6man) by
subscribing to the corresponding mailing-lists (see
https://www.ietf.org/mailman/listinfo/v6ops and


Best regards,
Fernando Gont
e-mail: fernando@xxxxxxxxxxx || fgont@xxxxxxx
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1