IPv6 ICMP flood
I ran across this today for the first time, I had some trouble making sense of what I was seeing but once I recognized what was going on I contacted the ISP to get them involved and started looking into the customers firewall to see what I could do to get them back up.
I ended up blocking all v6 traffic from wan > lan which got them up & running again (crude, but its working). Should the ISP be taking care of this or is this "our" issue to sort out?
What else could I do (in the firewall) to mitigate this threat?
I ended up blocking all v6 traffic from wan > lan which got them up & running again (crude, but its working). Should the ISP be taking care of this or is this "our" issue to sort out?
What else could I do (in the firewall) to mitigate this threat?