IPv6 and security: news from the front – October
Conferences
Keith O'Brien, Distinguished Engineer at Cisco, gave a presentation at the HTCIA conference: IPv6 Introduction and Implications on Network Security. The final section, "IPv6 and Security," provides a state-of-the-art overview of various attack and defense techniques (primarily Cisco) using IPv6. The topics covered are as follows:
- IPv6 and Network Recon
- You Are Probably Already Running IPv6
- Attacking Stateless Address Autoconfiguration with Rogue RA
- Attacking Neighbor Discovery with NDP Spoofing
- Exhausting the Neighbor Cache
- Extension Headers and Firewalling
- Transition Threats
- Implications for LE
At the BruCON conference, Fernando Gont gave a presentation: Recent Advances in IPv6 Security. Compared to his previous presentation at the Just4meeting conference (see the July post), there are no major differences:
- He goes into slightly more detail about the problem of atomic fragments;
- He addresses the problem of VPN solutions that are not compatible with IPv6: in such a situation, traffic may use IPv6 and not pass through the VPN;
- He presents his IPv6 Toolkit suite in more detail.
At Hack in the Box, Marc Heuse gave a presentation entitled IPv6 Insecurity Revolutions. Although not very detailed, the slides are very interesting and address the following topics:
- the current situation;
- vulnerabilities:
  - DoS by RA flood on Windows, Netscreen, BSD and Mac OS;
  - DoS by NS flood on Windows, Solaris, Mac OS and BSD;
  - DoS by fragmentation on Avira Personal Firewall;
  - bypassing fragmentation filtering on Zyxel;
  - bypassing filtering by adding EH on Cisco;
- mapping methods:
  - use of the RIPE NCC database;
  - use of BGP announcements;
  - use of the new version of the alive6 tool;
  - reverse DNS enumeration;
  - extracting DNS information.
Tools
A new version of the THC-IPv6 tool suite has been released: version 2.0. Significant improvements have been made to several tools.
Vulnerabilities
Marc Heuse studied the impact of a flood of Router Advertisement (RA) or Neighbor Solicitation (NS) messages on multiple operating systems. His latest presentation, IPv6 Insecurity Revolutions (see above), and an email on the mailing list dry bone, IPv6 DoS vulnerabilities, present the results:
- An NS flood results in a very high CPU load on several systems: Windows, FreeBSD and NetBSD;
- An RA flood containing information on multiple routes also results in a very high CPU load (Windows) or significantly disrupts the IPv6 stack (FreeBSD, NetBSD and Mac OS).
