This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.
2ca68992f1e854362ce2fe5d00357f8634430a612c312dba8e00ad5d586e35f4rd-attack is a tool for finding vulnerabilities based on ICMPv6 Redirect messages.
75ef138e80c715c496ab039939f1aa91edb626d283e4705e8ad8c770aa02c623ni6 is a security assessment tool that exploits potential flaws in the processing of ICMPv6 Node Information messages.
ef026e19bb05a8e35114e31349134c5a2a5d5688a0963bba15b3d387466c534cjumbov6 is a tool to assess IPv6 implementations with respect to attack vectors based on IPv6 jumbograms.
70bfa103033977fae419ba459c2326bf358ca0f22ea9e70abc5986d263dfaae1This toolkit house various IPv6 tool that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 8.2, NetBSD 5.1, OpenBSD 5.0, and Ubuntu 11.10.
495e347d4bbbe9c0d3103f47b8d7a0f7d1a5f329d8d7205e15208bf12efcc139ipv6mon is a tool for IPv6 address monitoring on local area networks.
87998c9beb90c410776520cb78807d8b97edb1ae4718be2cd8ed998cb9c50079icmp6-attack is a tool for assessing vulnerabilities in ICMPv6 error messages.
ea6d02dca82a6ab1ff31fe84a06fc2903dd5f62c1fff178f155d3db8be6f32d2frag6 is a security assessment tool for attack vectors based on IPv6 fragmentation.
ff17013fa710766492566513213184ed833099c8a1d20510c6d0688633371093flow6 is a tool that performs a security assessment of the IPv6 Flow Label Field.
fec38fb5001ec4bc83eaff5713607b708f5dff5075d86fa4946185e0b8774005These slides are from the Hacking IPv6 Networks Training provided by SI6 networks at Hack In Paris (HIP) 2012.
0d3955844c228dbbf45829f49ad626b6544eca4022e513a8b948d884d64297e1This document specifies a mechanism that can be implemented in layer-2 devices to mitigate attack vectors based on Neighbor Discovery messages. It is meant to complement other mechanisms implemented in layer-2 devices such as Router Advertisement Guard (RA-Guard) and DHCPv6-Shield, with the goal of achieving a comprehensive IPv6 First Hop Security solution. This document is motivated by the desire to achieve feature parity with IPv4 with respect to First Hop Security mechanisms.
b0bd48d4dfcf7fc338169df812038a282998457c61b3f8cfb9294a669b43f80aThis document specifies a mechanism for protecting hosts connected to a broadcast network against rogue DHCPv6 servers. The aforementioned mechanism is based on DHCPv6 packet-filtering at the layer-2 device on which the packets are received. The aforementioned mechanism has been widely deployed in IPv4 networks ('DHCP snooping'), and hence it is desirable that similar functionality be provided for IPv6 networks.
2167f8ff55bb0233568e045e7042373efab0919dd45517725399c88fa634ea33This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.
b620fd364138e64c6e10717389b326fd4176c5005ea71cbad80cb84096381fe9IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform host scanning attacks against IPv6 networks, and therefore IPv6 host scanning attacks have long been considered unfeasible. This document analyzes the IPv6 address configuration policies implemented in most popular IPv6 stacks, and identifies a number of patterns in the resulting addresses lead to a tremendous reduction in the host address search space, thus dismantling the myth that IPv6 host scanning attacks are unfeasible.
3e402c5d8f47be6b853bd514ed35744c8ab3f764907fb96603770a5396359be0These are the slides for the presentation "Recent Advances in IPv6 Security" that was given at Hackito Ergo Sum 2012.
26a911f6f3b82ca092f560786633c0b4c82f374446265a10e96b3f88af2c9c53This document specifies a method for generating IPv6 Interface Identifiers to be used with IPv6 Stateless Address Autoconfiguration (SLAAC), such that addresses configured using this method are stable within each subnet, but the Interface Identifier changes when hosts move from one network to another. The aforementioned method is meant to be an alternative to generating Interface Identifiers based on IEEE identifiers, such that the benefits of stable addresses can be achieved without sacrificing the privacy of users.
2be85628520d1d07881dc0a60f77204594c41e42519ec05b5b14ddb2b2f10d7fThis Internet Draft specifies the security implications of predictable fragment identification values in IPv6. It primarily focuses on countermeasures and mitigations.
797c390e09afddabe88fd2b44a2368bbbcd4539539cf70a92b9a03e8ffc6de92This IETF Internet Draft discusses security and interoperability implications of oversized IPv6 header chains.
8ec27e6f6b09e69798fd08859eb67352a7f027ed6076d6512288a35a48b32023This document specifies an algorithm for the generation of TCP Initial Sequence Numbers (ISNs), such that the chances of an off-path attacker guessing the sequence numbers in use by a target connection are reduced. This document revises (and formally obsoletes) RFC 1948, and takes the ISN generation algorithm originally proposed in that document to Standards Track, formally updating RFC 793.
1de02139d839860eb49ea553acf75e16b93a6326e4b0eda1ef0daa56433b89daIPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.
a8b7a492cc8ab102f8884547a7f042ea0e94a1cdbbad648050eb655bf675f524This Internet Draft focuses on providing advice to RA-Guard implementations, rather than on the evasion techniques that have been found effective against most popular implementations of RA-Guard.
b94a267d451834a19ba9db5489c12513c4c414f2e2934e7d487b0a5d8d337180This Internet Draft specifies the security implications of predictable fragment identification values in IPv6. It primarily focuses on countermeasures and mitigations.
460fd180c573767e12e1ffa15a9dc5ae08637e6d06e765a8c0e9f2d0c204a17cThis document specifies a method for generating IPv6 Interface Identifiers to be used with IPv6 Stateless Address Autoconfiguration (SLAAC), such that addresses configured using this method are stable within each subnet, but the Interface Identifier changes when hosts move from one network to another. The aforementioned method is meant to be an alternative to generating Interface Identifiers based on IEEE identifiers, such that the same manageability benefits can be achieved without sacrificing the privacy of users.
542e6aa994a33734dc569e8c3b291d6929f88f48ab8d12f2e29320b1c816faddThese are the slides from a presentation called Results of a Security Assessment of the Internet Protocol version 6 (IPv6). It was presented at H2HC 2011.
235e5a42446174bb0aaca07903e927bd0aa9ebe1831174aade73cd8274fb93b3These are the slides for the IPv6 security talk given at Hack.lu 2011.
c48839ec6e8c59d1496899d1c7147f00134f8c12a6684faa5ee5150fb0a98546
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed