In case you missed it, there was a slew of talk about an IPv6 issue that can cause whole Microsoft networks to lock up. You can read the article in Network World.
In essence by sending out bad IPv6 router advertisements, the MS stack can get confused and take 100% of the processor until it gets so bad you need to hard reboot the machine. Definitely sounds very bad right?
But I asked myself, why would users be allowed to send router advertisements? I mean, they aren’t routers so why would we allow that any more than we would allow DHCP servers on user ports?
Luckily, since we use Enterasys policy on S-Series, we simply don’t allow these to get out on the network. Curious how to do that? Contact me. It takes less than 5 minutes to protect yourself from this attack with policy….