New release : CTI Report - Pharmaceutical and drug manufacturing 

                 Download now

IPv6 and security: news from the front – July

July 17, 2012

IPv6 and security: news from the front – July

Published articles

Vincent Maurin wrote an article entitled IPv6 security: a new playing field. He quickly introduces IPv6 and its security. He also provides various links dealing with IPv6 and security, selected for their relevance.

 

Conferences

Fernando Gont carried out training at Hack In Paris. He published his slides : Hacking IPv6 Networks Training. They are similar to those he has already presented at previous conferences (see the post of the month of January (among others). The 219 slides address the security issues related to IPv6 in a fairly comprehensive manner.

At Cisco Live 2012 in San Francisco, Eric Vyncke gave a presentation: IPv6 Security Threats and Mitigations. The 107 slides present attacks on IPv6 (Remote Neighbor Cache Exhaustion, Routing Header Attacks, NDP Spoofing, etc.) and Cisco technologies to protect against them (RA-guard, IPv6 ACL, etc.).

Fernando Gont also gave a presentation at the conference Just4meeting : Recent Advances in IPv6 Security. THE slides resemble those presented at previous conferences (see the post from this month).’april) but the presentation is still more complete. Here is the presentation outline:

  • Advances in IPv6 Addressing
    • Implications on host scanning attacks
    • Implications for privacy
    • Mitigating scanning and privacy issues
  • IPv6 Fragmentation and Reassembly
  • IPv6 First Hop Security
  • IPv6 firewalling
  • Mitigation to some DoS attacks
  • Tools

 

Tools

A suite of tools for performing various tests on IPv6 networks has been published: IPv6 Toolkit. These tools were developed by Fernando Gont. Here is a description:

  • flow6: «A tool that performs a security assessment of the IPv6 Flow Label field. »
  • frag6: «A security assessment tool for attack vectors based on IPv6 fragmentation. »
  • icmp6-attack: «A tool for vulnerabilities in ICMPv6 error messages. »
  • ipv6mon: «A tool for IPv6 address monitoring on local area networks. »
  • ipv6-toolkit
  • jumbov6: «A tool to assess IPv6 implementations with respect to attack vectors based on IPv6 jumbograms. »
  • ni6
  • rd-attack: «A tool for vulnerabilities based on ICMPv6 Redirect messages. »

A new version of the THC-IPv6 tool suite is exit. This suite includes numerous tools for launching attacks against the IPv6 protocol. This new version includes five new modules and bug fixes. The next version is already scheduled for November 7th.

 

Vulnerabilities

A vulnerability (CVSS Base = 7.8) affecting Cisco ASA and Cisco ASASM products has been identified: cisco-sa-20120620-asaipv6, CVE-2012-3058. Exploiting this vulnerability allows attackers to reboot devices with a specific configuration by sending certain IPv6 packets. An update and... workarounds are available.

Contact