Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
4Activity

Table Of Contents

I. INTRODUCTION
II. LINK LAYER PROTOCOLS
A. Link Layer Topology Discovery protocol
B. Address Resolution
III. NETWORK LAYER
B. IPv4 and IPv6 Supported Protocols
C. Teredo and Other Tunneling Protocols
IV. TRANSPORT LAYER
A. Ephemeral Ports
V. FIREWALL
A. Firewall Rules
B. Initial State
C. Configuration
D. Discovery
E. Tunneling
VI. NETWORK SERVICES
A. Active TCP Ports
B. Active UDP Ports
C. File Sharing
D. RPC Services Over TCP
VIII. CONCLUSION
IX. FUTURE WORK
REFERENCES
APPENDIX I TEST NETWORKS
A. Main Test Network
B. LLTD Test Network
C. Teredo Test Network
APPENDIX II LLTD INTRODUCTION
B. LLTD Protocol Overview
C. LLTD Security Model
APPENDIX III LLTD ANALYSIS AND FINDINGS
A. Vista LLTD Implementation
B. Disabling LLTD Within Vista
C. Topology Map in Vista
D. Hosts with Multiple Interfaces
E. Interaction with Other Protocols
F. Policy Controls
G. Mapper and Responder Relationship
H. Generation and Sequence Numbers
I. Device Supplied Images
J. Internal XML Representation
K. Attack: Spoof and Management URL IP Redirect
L. Attack: Spoof on Bridge
M. Attack: Total Spoof
N. Denial of Service
O. Quality of Service Component
P. Other Attempted Test Cases
APPENDIX IV XML FORMAT USED BY NETWORK MAP
APPENDIX VI NEIGHBOR DISCOVERY SPOOFING
APPENDIX VII IPV4 ID GENERATION
APPENDIX VIII IP FRAGMENT REASSEMBLY
A. Fragmentation Background
B. Fragmentation Testing Methodology
C. Test Cases and Results
APPENDIX IX SOURCE ROUTING
APPENDIX X IPV4 PROTOCOL ENUMERATION
APPENDIX XI IPV6 NEXT HEADER ENUMERATION
APPENDIX XII TEREDO INTRODUCTION
A. Protocol Overview
B. Teredo Security Implications
APPENDIX XIII TEREDO ANALYSIS AND FINDINGS
A. Teredo Use Under Vista
B. Vista Teredo Components
C. Default Teredo settings
D. Requirements for Elevated Privileges
J. Secure Qualification
K. Same Nonce Used With Different UDP Ports
N. Use of Address Flag Bits
O. Other Attempted Test Cases
P. Vista Teredo Conclusions
B. Address Checks in IPHLPSVC.DLL
C. Teredo Functions from IPHLPSVC.DLL
APPENDIX XV HISTORIC ATTACKS
APPENDIX XVI IPV6 OPTIONS
A. Random Option Sending
B. Ordered Option Sending
APPENDIX XVII EPHEMERAL PORTS
APPENDIX XVIII TCP INITIAL SEQUENCE NUMBER GENERATION
APPENDIX XIX TCP SEGMENT REASSEMBLY
APPENDIX XXI WINDOWS FIREWALL CONFIGURATION
A. Firewall ruleset
C. Firewall Changes with Configuration Changes
D. Active Socket Changes with Configuration Changes
APPENDIX XXII EXPOSED TCP SERVICES
APPENDIX XXIII EXPOSED UDP SERVICES
APPENDIX XXIV RPC ENDPOINT MAPPER ENUMERATION
APPENDIX XXV ANONYMOUS AND AUTHENTICATED ACCESS TO NAMED PIPES
A. Null Session Access to Named Pipes
B. Authenticated Session Access to Named Pipes
APPENDIX XXVI RPC PROCEDURE ACCESS
C. Null Session Named Pipe Access
D. Authenticated Session Named Pipe Access
C. Vista Changing Static IPv4 Addresses
APPENDIX XXVIII UNSOLICITED TRAFFIC
0 of .
Results for:
No results containing your search query
P. 1
Vista_Network_Attack_Surface_RTM

Vista_Network_Attack_Surface_RTM

Ratings: (0)|Views: 11,910|Likes:
Published by Jename Mayo

More info:

Published by: Jename Mayo on Mar 09, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

08/14/2012

pdf

text

original

You're Reading a Free Preview
Pages 4 to 56 are not shown in this preview.
You're Reading a Free Preview
Pages 60 to 62 are not shown in this preview.
You're Reading a Free Preview
Pages 66 to 116 are not shown in this preview.

Activity (4)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Daniel Nava liked this
zabrax liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->