ignore security and it'll go away
Showing 1 - 25 of 72 RSS Feed

Files from Fernando Gont

Email addressfernando at gont.com.ar
First Active2005-07-23
Last Active2015-04-06
IPv6 Toolkit 2.0
Posted Apr 6, 2015
Authored by Fernando Gont | Site si6networks.com

SI6 Networks' IPv6 toolkit is a security assessment and troubleshooting tool for the IPv6 protocols. It can send arbitrary IPv6-based packets.

Changes: Added a fully-IPv6-capable traceroute tool, named path6. Added a new tool which incorporates new functionality and also provides a shortcut to other existing tools. Added a new tool isolates IPv6 blackholes. Added a new tool that can send arbitrary UDP/IPv6 packets. Various bug fixes.
tags | tool, arbitrary, scanner, protocol
systems | unix
MD5 | 9274f87dd5f57da78c08998e283ad7ed
RFC7359 - Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages In Dual-Stack Hosts/Networks
Posted Aug 27, 2014
Authored by Fernando Gont

The subtle way in which the IPv6 and IPv4 protocols coexist in typical networks, together with the lack of proper IPv6 support in popular Virtual Private Network (VPN) tunnel products, may inadvertently result in VPN tunnel traffic leakages. That is, traffic meant to be transferred over an encrypted and integrity- protected VPN tunnel may leak out of such a tunnel and be sent in the clear on the local network towards the final destination. This document discusses some scenarios in which such VPN tunnel traffic leakages may occur as a result of employing IPv6-unaware VPN software. Additionally, this document offers possible mitigations for this issue.

tags | paper, local, protocol
MD5 | 23b96b2e0c0f6f3f0381dc2d3096094c
IPv6 Extension Headers In The Real World
Posted Aug 22, 2014
Authored by Fernando Gont

This is a draft of IPv6 Extension Headers in the Real World. IPv6 Extension Headers allow for the extension of the IPv6 protocol, and provide support for some core functionality such as IPv6 fragmentation. However, IPv6 Extension Headers are deemed to present a challenge to IPv6 implementations and networks, and are known to be intentionally filtered in some existing IPv6 deployments. This summarizes the issues associated with IPv6 extension headers, and presents real-world data regarding the extent to which packets with IPv6 extension headers are filtered in the public Internet, and where in the network such filtering occurs. Additionally, it provides some guidance to operators in troubleshooting IPv6 blackholes resulting from the use of IPv6 extension headers. Finally, this document provides some advice to protocol designers, and discusses areas where further work might be needed.

tags | paper, protocol
MD5 | d82bab036020d2be2c57fd94ad014d8c
IPv6 Toolkit 1.5.3
Posted Feb 22, 2014
Authored by Fernando Gont | Site si6networks.com

SI6 Networks' IPv6 toolkit is a security assessment and troubleshooting tool for the IPv6 protocols. It can send arbitrary IPv6-based packets.

Changes: Minor issues are addressed.
tags | tool, arbitrary, scanner, protocol
systems | unix
MD5 | 61d91579ecb2df1431b73b587ebd4e13
IPv6 Toolkit 1.5.2
Posted Jan 17, 2014
Authored by Fernando Gont | Site si6networks.com

SI6 Networks' IPv6 toolkit is a security assessment and troubleshooting tool for the IPv6 protocols. It can send arbitrary IPv6-based packets.

Changes: Minor issues are addressed.
tags | tool, arbitrary, scanner, protocol
systems | unix
MD5 | e917241effbe7cf2e11871e27e158638
Security Assessments Of IPv6 Networks And Firewalls
Posted Jun 16, 2013
Authored by van Hauser, Fernando Gont

These are presentation slides from the German IPv6 Kongress that was held in Frankfurt, Germany in 2013.

tags | paper
MD5 | e6c73a6fcc93a33627218eef82b9e773
IPv6 Network Reconnaissance: Theory And Practice
Posted Jun 15, 2013
Authored by Fernando Gont

These slides are from an IPv6 reconnaissance presentation given at CONFidence 2013.

tags | paper
MD5 | 9f1975c39e0739d27b1e88c21bdd05f0
Generating Stable Privacy-Enhanced Addresses With IPv6
Posted Jun 4, 2013
Authored by Fernando Gont | Site ietf.org

This document specifies a method for generating IPv6 Interface Identifiers to be used with IPv6 Stateless Address Autoconfiguration (SLAAC), such that addresses configured using this method are stable within each subnet, but the Interface Identifier changes when hosts move from one network to another. This method is meant to be an alternative to generating Interface Identifiers based on hardware address (e.g., using IEEE identifiers), such that the benefits of stable addresses can be achieved without sacrificing the privacy of users. The method specified in this document applies to all prefixes a host may be employing, including link-local, global, and unique- local addresses.

Changes: Revision 9 of this document.
tags | paper, local
MD5 | ae070a249f63b43911cdd8f7fed8eded
Hacking IPv6 Networks
Posted Apr 25, 2013
Authored by Fernando Gont

These are the slides for the "Hacking IPv6 Networks" security training course as given at BRUCON 2012.

tags | paper
MD5 | cc61c9d06b08dae10665135b93de0a44
SI6 Networks' IPv6 Toolkit 1.3.4
Posted Apr 18, 2013
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: IPv6-host tracking support in the scan6 tool. A new tool, address6, to analyze IPv6 addresses. Minor bug fixes.
tags | tool
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
MD5 | 21fe4ecb93a9b4783be7b16d88b0ab81
SI6 Networks' IPv6 Toolkit 1.3.3
Posted Mar 11, 2013
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: This minor update incorporates the "--tgt-known-iids" option, which can be used to track systems across networks, even if they employ the so-called "Privacy Address" (and yes, that includes Microsoft Windows systems).
tags | tool, scanner
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
MD5 | 2c7f9cfc0a8845694439a2bbdb6b9446
SI6 Networks' IPv6 Toolkit 1.3
Posted Feb 17, 2013
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: Addition of a full-fledged IPv6 address scanning tool. Includes support for tunnels. Various other additions and updates.
tags | tool, scanner
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
MD5 | e8cef869daa70b46ba19bfbb59e2fe74
Security Implications Of IPv6 Fragmentation With IPv6 Neighbor Discovery Revision 03
Posted Jan 20, 2013
Authored by Fernando Gont | Site ietf.org

IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers.

Changes: Revision 3 of this document.
tags | paper, local
MD5 | 88e4cd8c43b31362b6703b610a89105d
DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers
Posted Jan 19, 2013
Authored by Fernando Gont

This document specifies a mechanism for protecting hosts connected to a broadcast network against rogue DHCPv6 servers. The aforementioned mechanism is based on DHCPv6 packet-filtering at the layer-2 device on which the packets are received. The aforementioned mechanism has been widely deployed in IPv4 networks ('DHCP snooping'), and hence it is desirable that similar functionality be provided for IPv6 networks.

tags | paper
MD5 | d96217260b6f3769c1ac440b3d837b95
VPN Traffic Leakages In Dual-Stack Hosts/Networks
Posted Jan 19, 2013
Authored by Fernando Gont

The subtle way in which the IPv6 and IPv4 protocols co-exist in typical networks, together with the lack of proper IPv6 support in popular Virtual Private Network (VPN) products, may inadvertently result in VPN traffic leaks. That is, traffic meant to be transferred over a VPN connection may leak out of such connection and be transferred in the clear on the local network. This document discusses some scenarios in which such VPN leakages may occur, either as a side effect of enabling IPv6 on a local network, or as a result of a deliberate attack from a local attacker. Additionally, it discusses possible mitigations for the aforementioned issue.

tags | paper, local, protocol
MD5 | b19815ec6492b8610bedbb0b546da854
Recommendations On Filtering IPv4 Packets Containing IPv4 Options
Posted Jan 19, 2013
Authored by Fernando Gont

This document document provides advice on the filtering of IPv4 packets based on the IPv4 options they contain. Additionally, it discusses the operational and interoperability implications of dropping packets based on the IP options they contain.

tags | paper
MD5 | 4dcb63f7c1f9d761dc2eb52d93196625
Security Implications Of IPv6 On IPv4 Networks Revision 02
Posted Jan 19, 2013
Authored by Fernando Gont

This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.

Changes: Updated version for 01/2013.
tags | paper
MD5 | a61bcc625432b24b81ea3a98b5bdb4b7
Processing Of IPv6 Atomic Fragments
Posted Jan 19, 2013
Authored by Fernando Gont

The IPv6 specification allows packets to contain a Fragment Header without the packet being actually fragmented into multiple pieces (we refer to these packets as "atomic fragments"). Such packets typically result from hosts that have received an ICMPv6 "Packet Too Big" error message that advertises a "Next-Hop MTU" smaller than 1280 bytes, and are currently processed by some implementations as "fragmented traffic". Thus, by forging ICMPv6 "Packet Too Big" error messages an attacker can cause hosts to employ "atomic fragments", and then launch any fragmentation-based attacks against such traffic. This document discusses the generation of the aforementioned "atomic fragments", the corresponding security implications, and formally updates RFC 2460 and RFC 5722 such that fragmentation-based attack vectors against traffic employing "atomic fragments" are completely eliminated.

tags | paper
MD5 | fd38a93b8f7a41b1670e2e3f42b96c1f
IETF I-D On Fragmentation Related Security Issues Revision 03
Posted Jan 19, 2013
Authored by Fernando Gont

This Internet Draft specifies the security implications of predictable fragment identification values in IPv6. It primarily focuses on countermeasures and mitigations.

Changes: Updated version for 01/2013.
tags | paper
MD5 | 111f5c7995657add921af66de1588127
Security Implications Of IPv6 Options Of Type 10xxxxxx Revision 01
Posted Jan 19, 2013
Authored by Fernando Gont

When an IPv6 node processing an IPv6 packet does not support an IPv6 option whose two-highest-order bits of the Option Type are '10', it is required to respond with an ICMPv6 Parameter Problem error message, even if the Destination Address of the packet was a multicast address. This feature provides an amplification vector, opening the door to an IPv6 version of the 'Smurf' Denial-of-Service (DoS) attack found in IPv4 networks. This document discusses the security implications of the aforementioned options, and formally updates RFC 2460 such that this attack vector is eliminated. Additionally, it describes a number of operational mitigations that could be deployed against this attack vector.

Changes: Updated version for 01/2013.
tags | paper
MD5 | e5af6fb0c5d35e703ef6a119c7b6b71a
Security Assessment Of Neighbor Discovery (ND) For IPv6 Revision 01
Posted Jan 19, 2013
Authored by van Hauser, Fernando Gont

Neighbor Discovery is one of the core protocols of the IPv6 suite, and provides in IPv6 similar functions to those provided in the IPv4 protocol suite by the Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP). Its increased flexibility implies a somewhat increased complexity, which has resulted in a number of bugs and vulnerabilities found in popular implementations. This document provides guidance in the implementation of Neighbor Discovery, and documents issues that have affected popular implementations, in the hopes that the same issues do not repeat in other implementations.

Changes: Updated version for 01/2013.
tags | paper, vulnerability, protocol
MD5 | 1be4575d298c79f1d76da36e8e0f4cd4
Security / Robustness Assessment Of IPv6 ND Implementations
Posted Dec 18, 2012
Authored by Fernando Gont

Recent security research seems to indicate that a number of IPv6 Neighbor Discovery implementations fail to implement basic sanity checks on received packets and/or fail to properly manage protocol data structures, being subject of trivial Denial of Service (DoS) attacks. Additionally, some IPv6 protocol features allow a number of attacks, ranging from man-in-the-middle to Denial of Service (DoS). This document discusses how to conduct a security/robustness assessment of Neighbor Discovery implementations by means of the SI6 Networks' IPv6 toolkit - a free, portable, and fully-featured IPv6 security assessment and trouble-shooting toolkit. Additionally, it provides pointers to ongoing work in this area, such that the aforementioned issues can be mitigated where appropriate.

tags | paper, denial of service, protocol
MD5 | 8a65ffde5b00eee9e520aab39bf62a9d
Security Assessment Of Neighbor Discovery (ND) For IPv6
Posted Dec 18, 2012
Authored by van Hauser, Fernando Gont

Neighbor Discovery is one of the core protocols of the IPv6 suite, and provides in IPv6 similar functions to those provided in the IPv4 protocol suite by the Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP). Its increased flexibility implies a somewhat increased complexity, which has resulted in a number of bugs and vulnerabilities found in popular implementations. This document provides guidance in the implementation of Neighbor Discovery, and documents issues that have affected popular implementations, in the hopes that the same issues do not repeat in other implementations.

tags | paper, vulnerability, protocol
MD5 | c685017402f1b7880a5c07ebc8aaa101
Network Reconnaissance In IPv6 Networks
Posted Dec 12, 2012
Authored by Fernando Gont, T. Chown

IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform address scanning attacks against IPv6 networks, and therefore IPv6 address scanning attacks have long been considered unfeasible. This document analyzes how traditional address scanning techniques apply to IPv6 networks, and also explores a number of other techniques that can be employed for IPv6 network reconnaissance. Additionally, this document formally obsoletes RFC 5157.

tags | paper
MD5 | 7f78a70d248af1e14513342f955f8fa1
UK CPNI IPv6 Toolkit 1.2.3
Posted Sep 17, 2012
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: Various updates and OSes supported.
tags | tool, scanner
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
MD5 | a4557708150feac8fb1fae279a6414f1
Page 1 of 3
Back123Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close