[ipv6hackers] RA flood on Windows 8

Fernando Gont fgont at si6networks.com
Sat Sep 15 16:00:00 CEST 2012

HI, Tomas,

On 09/15/2012 09:28 AM, Tomas Podermanski wrote:
>     it is unbelievable, but final version of Windows 8 are still
> vulnerable with RA flood DoS. Doe everyone believe that Microsoft will
> ever fix the issue?

My take is that their current plan is that they will NOT fix it?

secure at microsoft.com is not the most competent security team I have
spoken to (to put it in a polite way).

> Tested on "W8 pro" released for enterprise
> customers. The video with demonstration is available on
> http://ipv6.vutbr.cz/article/ipv6-ra-flood-dos-attack-in-windows-8/.

They essentially fail to enforce limit on any structures.

So there are a number of data structures that you can target: e.g. the
routing table, table of default routers, etc.

For testing the former, just use the ra6 from the SI6 ipv6 toolkit
(http://www.si6networks.com/tools) with the "--flood-prefixes" option --
IIRC, there's even an example in the corresponding manual page.

Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

More information about the Ipv6hackers mailing list