RFC 4890: Recommendations for Filtering ICMPv6 Messages in Firewalls

All you fans of mindlessly blocking ICMP traffic are going to be in trouble if you try that strategy with IPv6. Luckily, RFC 4890: Recommendations for Filtering ICMPv6 Messages in Firewalls was published this month. This Informational RFC provides concrete guidance using these categories:

  • Traffic That Must Not Be Dropped

  • Traffic That Normally Should Not Be Dropped

  • Traffic That Will Be Dropped Anyway -- No Special Attention Needed

  • Traffic for Which a Policy Should Be Defined

  • Traffic That Should Be Dropped Unless a Good Case Can Be Made


This is a nice reference for those who wish to implement some degree of control over ICMPv6, which is an integral part of IPv6 and not something one can blindly block.
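
The following added example is not part of the original post. It maps ICMPv6 type and code values to the five categories above for transit traffic and audits a firewall drop log for messages the RFC says to let through. The type and code numbers come from RFC 4890 section 4.3; the log line format, sample lines and function names are constructed for illustration, and codes the RFC does not list are assumed to fall under "policy should be defined".

```python
import re

# Transit-traffic categories, RFC 4890 section 4.3 (numbers are from the RFC).
MUST_NOT_DROP = "must not be dropped"
NORMALLY_KEEP = "normally should not be dropped"
DROPPED_ANYWAY = "will be dropped anyway"
NEEDS_POLICY = "policy should be defined"
DROP_UNLESS_JUSTIFIED = "drop unless a good case can be made"

def classify_transit(icmp_type, code=0):
    """Return the RFC 4890 category for an ICMPv6 message crossing a firewall."""
    if icmp_type in (1, 2, 128, 129):        # unreachable, too big, echo req/reply
        return MUST_NOT_DROP
    if icmp_type == 3 and code in (0, 1):    # time exceeded: hop limit / reassembly
        return MUST_NOT_DROP if code == 0 else NORMALLY_KEEP
    if icmp_type == 4 and code in (0, 1, 2): # parameter problem
        return NORMALLY_KEEP if code == 0 else MUST_NOT_DROP
    if 144 <= icmp_type <= 147:              # Mobile IPv6 support messages
        return NORMALLY_KEEP
    if icmp_type in (100, 101, 127, 138, 139, 140, 200, 201, 255):
        return DROP_UNLESS_JUSTIFIED         # experimental, renumbering, node info
    if 130 <= icmp_type <= 137 or icmp_type in (141, 142, 143, 148, 149, 151, 152, 153):
        return DROPPED_ANYWAY                # link-local only: ND, MLD, SEND, MRD
    # Seamoby (150), unallocated types, and (assumption) unlisted codes.
    return NEEDS_POLICY

# Constructed log format: "<ACTION> fwd src=... dst=... type=<n> code=<n>"
LOG_RE = re.compile(r"^DROP\b.*\btype=(\d+) code=(\d+)")

def audit_drops(lines):
    """Return (line, category) for drops that contradict the RFC's guidance."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            category = classify_transit(int(m.group(1)), int(m.group(2)))
            if category in (MUST_NOT_DROP, NORMALLY_KEEP):
                findings.append((line, category))
    return findings

SAMPLE_LOG = [  # constructed sample, documentation prefix 2001:db8::/32
    "DROP fwd src=2001:db8:a::1 dst=2001:db8:b::2 type=2 code=0",
    "DROP fwd src=2001:db8:a::1 dst=2001:db8:b::2 type=139 code=0",
    "DROP fwd src=2001:db8:a::1 dst=2001:db8:b::2 type=3 code=1",
    "ACCEPT fwd src=2001:db8:a::1 dst=2001:db8:b::2 type=128 code=0",
]

if __name__ == "__main__":
    for line, category in audit_drops(SAMPLE_LOG):
        print(f"{category}: {line}")
```

A dropped Packet Too Big (type 2) is the finding to act on first, since losing it breaks Path MTU Discovery for connections through the firewall.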

Comments

Anonymous said…
Do you run IPv6 in your labs at home, and have you created an "IPv6 tunnel" to the outside world? Just curious.
