Tagged "Firewall"

A few months ago, as part of our investigations on IPv6 security in the NetSecurityLab @ Sapienza University, we discovered a vulnerability that allows attackers to bypass rules in pf-based IPv6 firewalls in particular conditions. Let’s see some details of this vulnerability.

Important note!

Apparently now RouterOS supports hostnames in address lists (tested in 6.49.2). So this article is superseeded (just add an hostname in the address list to have it resolved dinamically).