This file contains slides for the "Hacking IPv6 Networks" training provided at Hack in Paris 2011. They contain quite a few insights about IPv6 security, along with a number of practical examples.
0af18cc2f54ae7ea48274dedc1287d62ed07d9b755e212983a06fd390b67eb47The IETF has just published RFC 6274, entitled "Security Assessment of the Internet Protocol Version 4". It contains a large amount of information on how to improve the security of IPv4 implementations and IPv4 deployments.
f2192e38c8aa09b26b2a3d2e012d56c5e0ae4167e587238f3bd969b8f09dd408IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers.
ae1239dbe215828238bde7e4d18f0fa35e3f33bfb61ed97549a17cb1ea60cd42The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly employed to mitigate attack vectors based on forged ICMPv6 Router Advertisement messages. Many existing IPv6 deployments rely on RA-Guard as the first line of defense against the aforementioned attack vectors. This document describes possible ways in which current RA- Guard implementations can be circumvented, and discusses possible mitigations.
419dbe3a0dedd1c464fb648a00b9ab7d264f3801038e9c2fc543db909c6fa908This paper, called Security Implications of IPv6, was published by CPNI and is a collection of security implications to think about while transitioning to IPv6.
c237c137715ec6c6b22b18847817cae159ad2b52af7a8aac8da06ea03c3945fdThis document analyzes how current TCP implementations process TCP urgent indications and how the behavior of some widely deployed middleboxes affects how end systems process urgent indications. This document updates the relevant specifications such that they accommodate current practice in processing TCP urgent indications, raises awareness about the reliability of TCP urgent indications in the Internet, and recommends against the use of urgent indications (but provides advice to applications that do).
b464cc05058563fba89abf95ea23d58efab91513859c822b555850550c44806aRFC6056 has been released and is titled Recommendations for Transport-Protocol Port Randomization.
2d899269f777944a49b7bcd5373a53284b4b6425a5e957bee90959e976ad26bbResults of a Security Assessment of the Internet Protocol version 6 (IPv6). These are the presentation slides that were used at LACNOG.
0af0fdd608e434d3e0a046b6dc8e603642e17c307867c7b1add93abca814318dThis is a new IETF Internet-Draft about TCP timestamps generation, entitled "On the generation of TCP timestamps".
706d4c976b9a4d43fde3407213a244580f6013abde7186a11a9b2884600aa55bThis is the IETF Internet-Draft entitled "On the implementation of TCP urgent data". This document describes current issues relevant to the implementation and use of TCP urgent data, aims to change the IETF specifications so that they accommodate what virtually all implementations have been doing with urgent data.
384e21ff4feb6dfa943d320a646ab513ba681507acc08360bf5b6874ae7476f9The United Kingdom's Centre for the Protection of National Infrastructure document entitled "Security Assessment of the Transmission Control Protocol (TCP)".
44dc58c211bb1352cd020643a92ef5268a0eb859d3199842caa9f1cd57484e42This is the IETF Internet-Draft entitled "Security Assessment of the Internet Protocol version 4", which is heavily based on the "Security Assessment of the Internet Protocol".
0f89100a070e0ace98c2f792a2e4cd5cbb04302b6669f80341ba345815d8dcdbThis document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
61b14f84224795032551d1a5e2ebfe45a4f86868563581fff491e9408e636381This document aims to raise awareness about the many security threats based on the IP protocol, those that we are currently facing, and those we may still have to deal with in the future. It provides advice for the secure implementation of the IP, and also insights about the security aspects of the IP that may be of help to the Internet operations community.
d32ba62cbedc3f111b56160738e51c8e5893201d8d65bdbb0a87c1efae6be3ddThis document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
1ce58606d3eddff9223fe3a488f8c0cc0f6238e521811ffc418b4dd84491b12bThis document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
f6784276bc77577f72c09f503deab41ce6fabf7bb9a8b44edd61410211141a2cRecently, awareness has been raised about a number of "blind" attacks that can be performed against the Transmission Control Protocol (TCP) and similar protocols. The consequences of these attacks range from throughput-reduction to broken connections or data corruption. These attacks rely on the attacker's ability to guess or know the four- tuple (Source Address, Destination Address, Source port, Destination Port) that identifies the transport protocol instance to be attacked. This document describes a simple and efficient method for random selection of the client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. Both text and pdf formats of this paper are included.
a3c77823856bb629693170ad41bbf3eb04803b3943bb64a88f319af02d2327dbWhitepaper titled Filtering Of ICMP Error Messages.
3e111b9620bd24f49f6ac3d44f4883f748b6d8dff7a2b8c51a80de079578dd84This document discusses the use of the Internet Control Message Protocol (ICMP) to perform a variety of attacks against the Transmission Control Protocol (TCP) and other similar protocols. It proposes several counter-measures to eliminate or minimize the impact of these attacks.
eb26edb362c9db7aef2e0588ce1edd7b2f8dc2c57ec441e0f593bc216e865275Various tools that demonstrate the use of the Internet Control Message Protocol (ICMP) to perform a variety of attacks against the Transmission Control Protocol (TCP). Inside this tarball lives icmp-mtu.tar.gz, icmp-quench.tar.gz, and icmp-reset.tar.gz.
d1f120550ba50c5cd8705cfa6cac0b8c976cfe87201baef8725508ce698b9ad3This document discusses the use of the Internet Control Message Protocol (ICMP) to perform a variety of attacks against the Transmission Control Protocol (TCP) and other similar protocols. It proposes several counter-measures to eliminate or minimize the impact of these attacks.
bafb48eca640a455dbb85cd6293af2853c07b0c0e758cd9e2820797a6f2459ae
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed