IPv6 Security - Sharkfest
IPv6 Security - Sharkfest IPv6 Security - Sharkfest
Methods To Harvest Addresses • Find new methods! FTP Server • No NAT (translation ~= NAT?) DNS Server • Web or FTP server logs. • Email headers Web Server
Reducing the IPv6 Search Space • Prefixes (2001::..) at ARIN (or other RIR) • Get inside with IPv4 –IPv6 tunnels? Protect Topology or Protect Resource? What is wrong with 2620::1c00:0:face:b00c:0:2? • Once inside… • multicast address (FF02::1) all nodes • convention may start with ….::1
- Page 1 and 2: 1 IPv6 Security Nalini Elkins, CEO
- Page 3 and 4: • Denial of service - High Usage
- Page 5 and 6: TCP SYN Flood • Malicious client
- Page 7 and 8: Worms • Worms • Example: Slamme
- Page 9 and 10: How has it changed with IPv6? • I
- Page 11: Reconnaissance IPv4 • Subnet = 2
- Page 16 and 17: What Else? Some IDS protect against
- Page 18 and 19: ICMPv6 Informational Messages Type
- Page 20 and 21: Router Advertisement Contents Route
- Page 22 and 23: Neighbor Discovery Issues • IPv6
- Page 24 and 25: DoS New IPv6 • Denies new device
- Page 26 and 27: Sample Vulnerabilities
- Page 28 and 29: UTube of FloodRouter6 • IPv6 DOS
- Page 30 and 31: Hacker Tools • Scanners - IPv6 se
- Page 32: IPv6 Extension Headers • New: IPv
- Page 35 and 36: From RFC2460: Option 11: discard th
- Page 38 and 39: Crafted Packet • Crafted IPv6 pac
- Page 40 and 41: Common IPv6 Multicast Groups • IP
- Page 42 and 43: DHCPv6 Flow : Start 1. Client sends
- Page 44 and 45: Temporary Addresses • MAC IID
- Page 46 and 47: Temporary Address Guidelines • RA
- Page 48: Summary • What is more secure?
Reducing the <strong>IPv6</strong> Search Space<br />
• Prefixes (2001::..) at ARIN<br />
(or other RIR)<br />
• Get inside with IPv4 –<strong>IPv6</strong><br />
tunnels?<br />
Protect Topology or Protect<br />
Resource?<br />
What is wrong with<br />
2620::1c00:0:face:b00c:0:2?<br />
• Once inside…<br />
• multicast address<br />
(FF02::1) all nodes<br />
• convention may start<br />
with ….::1