Re: I-D ACTION:draft-jabley-ipv6-rh0-is-evil-00.txt

David Malone <dwmalone@maths.tcd.ie> Mon, 14 May 2007 13:56 UTC

Return-path: <ipv6-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hnb2N-00069q-Gr; Mon, 14 May 2007 09:56:31 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hnb2M-00069g-DT for ipv6@ietf.org; Mon, 14 May 2007 09:56:30 -0400
Received: from salmon.maths.tcd.ie ([2001:770:10:300::86e2:510b]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Hnb2K-0006WK-Ru for ipv6@ietf.org; Mon, 14 May 2007 09:56:30 -0400
Received: from walton.maths.tcd.ie ([134.226.81.10] helo=walton.maths.tcd.ie) by salmon.maths.tcd.ie with SMTP id <aa77027@salmon>; 14 May 2007 14:56:27 +0100 (BST)
Received: from localhost ([127.0.0.1] helo=maths.tcd.ie) by walton.maths.tcd.ie with SMTP id <aa58693@walton>; 14 May 2007 14:56:26 +0100 (BST)
To: Joe Abley <jabley@ca.afilias.info>
In-reply-to: Your message of "Mon, 14 May 2007 08:22:38 EDT." <B2AF1B88-C9C6-429D-B9C6-E397EEB77C40@ca.afilias.info>
Date: Mon, 14 May 2007 14:56:26 +0100
From: David Malone <dwmalone@maths.tcd.ie>
Message-ID: <200705141456.aa58693@walton.maths.tcd.ie>
X-Spam-Score: -2.8 (--)
X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f
Cc: ipv6@ietf.org
Subject: Re: I-D ACTION:draft-jabley-ipv6-rh0-is-evil-00.txt
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "IP Version 6 Working Group \(ipv6\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Errors-To: ipv6-bounces@ietf.org

> There seem to be many daily examples of very large numbers of client  
> machines being controlled remotely to participate in activities that  
> the owner/operators of those machines aren't aware of. If there's a  
> hook available to turn RH0 processing back on, and RH0 is useful to  
> the kind of people who control botnets today, then I think it's a  
> fair bet that RH0 will be turned back on regardless of the default  
> setting is.

If you want to bounce packets around, it would seem far simpler to
turn on a UDP echo service - it doesn't have to have an 80 bounce
limit.  Or, if it is firewall evasion you're after, configure a
tunnel and turn on forwarding - it could even hide your real source
address.

If you've access to someone's machine and can twiddle parameters
of their IP stack, then RH0 isn't a big deal.

	David.

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------