Hijacking IPv6 addresses using neighbor solicitations
I recently noticed an increase in traffic on my VPS. Tcpdump shows lots of ICMP6 neighbour solicitations on my virtual eth0. Since many IPv6 addresses are repeated within a short time (and thus obviously unanswered and unused) I tried to "hijack" one of the addresses and to add them to my eth0. Interestingly, this worked like a charm even though these IP addresses are not assigned to my VPS. I could do some really stupid things using the hijacked IP and all blame would fall to the owner of the /48 (supposedly a VPS on the same node since the solicitations are being sent from a link-local fe80). As long as the real owner doesn't claim his IPv6's the IPv6 DAD won't kick in.
I've never seen any ARP requests on my eth0 (well, except for my own IP MAC), so shouldn't that be the same for ICMP6 neighbor solicitations in a VPS environment?
Comments
Maybe he's handing out addresses with radvd or something without knowing it.