[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question re session hijacking in dual stack environments w/MacOS

Subject: Question re session hijacking in dual stack environments w/MacOS
From: owen at delong.com (Owen DeLong)
Date: Fri, 16 Oct 2015 11:50:52 -0700
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]>

> On Oct 2, 2015, at 00:46 , Valdis.Kletnieks at vt.edu wrote:
> 
> On Fri, 02 Oct 2015 00:46:47 -0500, Doug McIntyre said:
> 
>> I suspect this is OSX implementing IPv6 Privacy Extensions. Where OSX
>> generates a new random IPv6 address, applies it to the interface, and then
>> drops the old IPv6 addresses as they stale out. Sessions in use or not.
> 
> Isn't the OS supposed to wait for the last user of the old address to close
> their socket before dropping it?

No? It just waits for the valid lifetime to expire.

Privacy addresses don?t refresh their preferred lifetime and start counting the valid lifetime from preferred expiration IIRC.

Owen

References:
- Question re session hijacking in dual stack environments w/MacOS
  - From: merlyn at geeks.org (Doug McIntyre)
- Question re session hijacking in dual stack environments w/MacOS
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)

Prev by Date: i hate october
Next by Date: Spamhaus contact needed
Previous by thread: Question re session hijacking in dual stack environments w/MacOS
Next by thread: Question re session hijacking in dual stack environments w/MacOS
Index(es):
- Date
- Thread