Completely disable IPv6?

0

Hello,

is it possible to completely disable IPv6 on Loadmasters?

Meaning that IPv6 is not even bound to a NIC and therefore no Link Local Addresses are created...

Thanks!

Christian

5 comments

Avatar
Nick Smylie Official comment

Hi Christian,

I am going to look into this and get back to you.  

May I ask why you want to disable it though?

Avatar
0
cnschindler

Hi Nick,

thanky for your answer.

The reason is rather simple but also lame.

Customers security department does a nessus scan on a regular basis. And this scan flags IPv6 as a potential risk...

I don't want to go into further detail, because IMO this is totally stupid.

But the customer is always right :-)

Christian

Avatar
0
Nick Smylie

Hi,

So there does not seem to be a way unfortunately.  

However I did try a Nessus scan myself and I did not get that vulnerability.  Do you know the name of the vulnerability they are referring to?  Also which type of scan they are doing?  If this is a Risk, no matter how small I believe this is worth looking into.

Avatar
0
cnschindler

Hi,

thanks. That's what I was expecting.

The issue the customers security department has is, that IPv6 uses SLAAC to configure addresses. And this process is prone to hacker attacks.

https://arxiv.org/ftp/arxiv/papers/1405/1405.4197.pdf

While I don't agree that this is an issue at all, the security department has a very strong standing at this customer...so I have to come up with an official statement.

Thanks for your time!

Regards

Christian

Avatar
0
Nick Smylie

Hi Christian,

I believe this might require some more discussion beyond this.  I am going to open up a ticket for you and we can discuss further there.