[ipv6hackers] IPv6 security presentation at Hack.lu 2011
fred
fred at fredbovy.com
Thu Sep 22 22:47:59 CEST 2011
Hi Joackim,
Yes I was aware that all the stateful devices can be the target of a DoS
attack
A DHCP server for instance is vulnerable to DoS attack as it is easy to
empty their pool by sending a lot of request and then keep their CPU very
busy to manage all the states.
For NAT also, we can see the same thing occuring.
But I was curious for a scenario where NAT can permit undetected MITM
attack. I can imagine how it is occuring actually because you are not seen
with your own address but with an address coming from a NAT pool. So there
is no way to identify the attacker with its address. But I was not aware of
such exploits... So any info providing more details about such exploit
interest me...
Thanks anyway.
Fred
Le 22/09/2011 10:29, « Joakim Aronius » <joakim at aronius.se> a écrit :
> All nodes that keep state are vulnerable to DoS. Arbor Networks published a
> pretty intersting report which can be downloaded here:
> http://www.arbornetworks.com/report
>
> Regards,
> /joakim
>
> * fred (fred at fredbovy.com) wrote:
>> Hi Douglas,
>>
>> This is really interesting. I realized that NAT was an easy target for DoS
>> attacks but I never read anything about this before...
>>
>> I can see approximately how this may occur but if you have more doc about
>> this I am interested.
>>
>> Thanks
>>
>>
>>
>> Le 21/09/2011 21:05, « Douglas Otis » <dotis at mail-abuse.org> a écrit :
>>
>>> Any NAT device within a network provides an easily exploited opportunity
>>> for undetected MITM attacks. Only End-to-End security offers protection
>>> from exploits related with ARP or ND+MLD where End-to-End security is
>>> likely only possible with IPv6. This does not need to be IPsec.
>>
>> --
>>
>> Fred Bovy
>> fred at fredbovy.com
>> Skype: fredericbovy
>> Mobile: +33676198206
>> Siret: 5221049000017
>> Twitter: http://twitter.com/#!/FredBovy
>> Blog: http://fredbovyipv6.blogspot.com/
>> ccie #3013
>>
>>
>>
>>
>> _______________________________________________
>> Ipv6hackers mailing list
>> Ipv6hackers at lists.si6networks.com
>> http://lists.si6networks.com/listinfo/ipv6hackers
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers
--
Fred Bovy
fred at fredbovy.com
Skype: fredericbovy
Mobile: +33676198206
Siret: 5221049000017
Twitter: http://twitter.com/#!/FredBovy
Blog: http://fredbovyipv6.blogspot.com/
ccie #3013
More information about the Ipv6hackers
mailing list