Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword or section
Like this
1Activity

Table Of Contents

Agenda (II)
Objetives of this training
Some interesting aspects about IPv6 security
Brief comparision between IPv6 and IPv4
Brief comparision of IPv4 and IPv6 (II)
Basic header fields
IPv6 header
Version
Payload Length
Next Header
Hop Limit
Hop Limit: Fingerprinting Devices or OSes
Hop Limit: Locating a Node
Hop Limit: Evading NIDS
Hop Limit: Improving Security (GTSM)
Brief Overview
Address Types
Unicast Addresses
Global Unicast Addresses
Link-local Unicast Addresses
Unique-local Unicast Addresses
Multicast Addresses
Anycast Addresses
Implications on End-to-End Conectivity
Some Considerations
Fragmentation Header
Fragmentation Example (legitimate)
Security Implications
IPv6 idle scan?
Example of Predictable Identification values
Revision TCP Connection-Establishment
Forged TCP Connection-Establishment
sysctl’s for frag/reassembly
Implications on Firewalls
Brief Overview of the IPv6 Situation
Problem Statement
Problem Statement (II)
Problem Statement (III)
Possible Countermeasures
Some Conclusions
Internet Control Message Protocol version 6
Error Messages
Fault Isolation (ICMPv6 error messages)
Hop Limit Exceeded in Transit
Hop Limit Exceeded in Transit (II)
Hop Limit Exceeded in Transit (III)
ICMPv6 Connection-Reset Attacks
ICMPv6 PMTUD Attacks
ICMPv6 Redirects
ICMPv6 Echo Request/Echo response
sysctl’s for ICMPv6 Echo Request
Node Information Query/Response
Node Information Query/Response (II)
Some examples with ICMPv6 NI (I)
Some examples with ICMPv6 NI (II)
Some examples with ICMPv6 NI (III)
Address Resolution in IPv6
Neighbor Solicitation Messages
Neighbor Advertisement Messages
Source/Target Link-layer Address Options
Sample Address Resolution Traffic
Neighbor Cache
Neighbor Cache (contents)
Neighbor Cache (prefixes)
Neighbor Cache (default routers)
sample attacks…
Some Address Resolution Games
Overflowing the Neighbor Cache
Overflowing the Neighbor Cache (II)
“Man in the Middle” or Denial of Service
sysctl’s for Neighbor Discovery (OpenBSD)
Stateless Address Autoconfiguration
Address Autoconfiguration flowchart
Router Solicitation Messages
Router Advertisement Messages
Possible Options in RA messages
Prefix Information Option
Router Information Option
MTU Option
RDNSS Option
some sample attacks…
Disable an Existing Router
Exploit DAD for Denial of Service
Advertise Malicious Network Parameters
Some sysctl’s…
sysctl’s for autoconf (OpenBSD)
Autoconf Addresses & Privacy
sysctl’s for Privacy Addresses
Router Advertisement Guad (RA-Guard)
Router Advertisement Guard
RA-Guard evasion
Brief overview and considerations
IPv6 Transition/Co-existence Technologies
Dual Stack
Dual-stack
Exploiting Native IPv6 Support
6in4
Tunnel broker
Tunnel Broker: Sample Implementation
ISATAP
Exploting ISATAP
6to4
6to4 (II)
Problems with 6to4
6rd (IPv6 rapid deployment)
Teredo
Securiy Implications of Teredo
Translation
Exploiting Transition Technologies
Filtering IPv6 Transition Technologies
Implications on “brute-force scanning”
Some real-world data…
Some Advice
Leveraging IPv6 features
Application-layer protocols
DNS
Network “Neighborhood” protocols
Some thoughts
Acknowledgments
0 of .
Results for:
No results containing your search query
P. 1
Hip2011 Hacking Ipv6 Networks

Hip2011 Hacking Ipv6 Networks

Ratings: (0)|Views: 277|Likes:
Published by DonAnto

More info:

Published by: DonAnto on Sep 26, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

10/10/2011

pdf

text

original

You're Reading a Free Preview
Pages 4 to 13 are not shown in this preview.
You're Reading a Free Preview
Pages 17 to 68 are not shown in this preview.
You're Reading a Free Preview
Pages 72 to 120 are not shown in this preview.
You're Reading a Free Preview
Pages 124 to 134 are not shown in this preview.
You're Reading a Free Preview
Pages 138 to 167 are not shown in this preview.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->