16 Dec
2012
16 Dec
'12
4:52 p.m.
On 16/12/12 13:30, Chris Dennis wrote:
[snip[
One thing that struck me from a quick reading of that
was the use of
logfiles for collecting IPv6 addresses. If I set up a website with
something tempting on it, I could then extract the IP addresses of
visitors, and sell them to would-be attackers, in the same way that
people sell lists of email addresses to spammers.
Is there any mileage in configuring each NIC with two quite different
IPv6 addresses, one to be used for outbound connections, but with
nothing at all listening on it? Any services which need to listen for
incoming connections then listen on the second address.
Would seem to render that particular attack vector useless.
John