Re: Microsoft Hack
Alexandre Petrescu <alexandre.petrescu@gmail.com> Tue, 09 March 2021 20:38 UTC
Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14C6D3A0BB2 for <ipv6@ietfa.amsl.com>; Tue, 9 Mar 2021 12:38:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.648
X-Spam-Level: *
X-Spam-Status: No, score=1.648 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, NICE_REPLY_A=-0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WGTTtP-dkiok for <ipv6@ietfa.amsl.com>; Tue, 9 Mar 2021 12:38:53 -0800 (PST)
Received: from oxalide-smtp-out.extra.cea.fr (oxalide-smtp-out.extra.cea.fr [132.168.224.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 325B53A0BA8 for <ipv6@ietf.org>; Tue, 9 Mar 2021 12:38:53 -0800 (PST)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by oxalide-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 129Kcopj005224 for <ipv6@ietf.org>; Tue, 9 Mar 2021 21:38:50 +0100
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id C50F2208042 for <ipv6@ietf.org>; Tue, 9 Mar 2021 21:38:50 +0100 (CET)
Received: from muguet1-smtp-out.intra.cea.fr (muguet1-smtp-out.intra.cea.fr [132.166.192.12]) by pisaure.intra.cea.fr (Postfix) with ESMTP id BB057203E67 for <ipv6@ietf.org>; Tue, 9 Mar 2021 21:38:50 +0100 (CET)
Received: from [10.14.1.72] ([10.14.1.72]) by muguet1-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 129KcoTj011071 for <ipv6@ietf.org>; Tue, 9 Mar 2021 21:38:50 +0100
Subject: Re: Microsoft Hack
To: ipv6@ietf.org
References: <CAC8QAccjKvSFk+P3S-oTL79OCFcgP3bRwAAQ4-9=my2hfCgXMg@mail.gmail.com> <7EFE82A7-728F-4B45-8FB0-A9F51C27574D@gmail.com> <CAC8QAccXD=VU1MMydBVy0CbWH7e58kKpbvzv9aDXrDCnb90EkA@mail.gmail.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <69337ae7-68ab-88fd-04c0-235529bdc98d@gmail.com>
Date: Tue, 09 Mar 2021 21:38:50 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1
MIME-Version: 1.0
In-Reply-To: <CAC8QAccXD=VU1MMydBVy0CbWH7e58kKpbvzv9aDXrDCnb90EkA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/IO1mb0QGRXG1zdwva31kLw2BO5M>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Mar 2021 20:38:55 -0000
I am not sure this is relevant to this discussion: There was some discussion on linkedin. Someone (Fernando) posted info about a blog post of Microsoft about several security issues, one of them being the advisory to turn the IPv6 reassembly off. https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/ then https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24086 and then Netsh int ipv6 set global reassemblylimit=0 In that discussion I was saying that a real correction would have been to correct the software (patch) such that it corrects the security vulnerabilities, rather than disable the functionality altogether. I was saying that because I noticed this behaviour that is similar to when somebody disables DHCPv6 port numbers and/or link-scoped multicast because of security risks rather than making sure that the software implementation is correct and tested. But I am not sure this is what the 'Microsoft Hack' topic request was about? Alex Le 09/03/2021 à 20:58, Behcet Sarikaya a écrit : > Hi Bob, > > > On Tue, Mar 9, 2021 at 11:13 AM Bob Hinden <bob.hinden@gmail.com > <mailto:bob.hinden@gmail.com>> wrote: > > Behcet, > > We have not been asked, will consider it if asked. > > > Thanks. I saw some chat messages on it in today's 6man meeting that's > the reason I brought it up. > > > Behcet > > Bob > > >> On Mar 9, 2021, at 8:10 AM, Behcet Sarikaya > <sarikaya2012@gmail.com <mailto:sarikaya2012@gmail.com>> wrote: >> >> Hello Ole, Bob, Folks, >> >> I suggest that the chairs get a presentation arranged at the next > 6man on Thursday (I think Dave Thaler may be asked to do it?) on the > Microsoft Hacking event that we hear on the news, in the press, etc. > these days. >> >> Behcet >> -------------------------------------------------------------------- > >> > IETF IPv6 working group mailing list >> ipv6@ietf.org <mailto:ipv6@ietf.org> Administrative Requests: > https://www.ietf.org/mailman/listinfo/ipv6 > <https://www.ietf.org/mailman/listinfo/ipv6> >> -------------------------------------------------------------------- > >> > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list ipv6@ietf.org Administrative > Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- >
- Microsoft Hack Behcet Sarikaya
- Re: Microsoft Hack Bob Hinden
- Re: Microsoft Hack Behcet Sarikaya
- Re: Microsoft Hack Alexandre Petrescu
- Re: Microsoft Hack Alexandre Petrescu
- Re: Microsoft Hack Behcet Sarikaya