[ipv6hackers] Attacking Microsoft DirectAccess and Transition Technologies (6to4/Teredo)
Enno Rey
erey at ernw.de
Thu Aug 29 07:00:29 CEST 2013
Hi,
sorry, Jim, no direct answer to your question (btw: pity, you couldn't be in Berlin at IETF 87), but I'd like to somewhat rephrase the question: is there any use of MS DirectAccess in organizations at all?
In dead earnest: I've yet to see any enterprise environment (or any at all) using it. I'm still considering MS DA as a kind-of chimera. Can anybody share any practical experience, war stories, anecdotes, whatever of practical use of MS DA out there? [yes, I'm aware of the presentation at the Heise Kongress 2010/2011].
thanks
Enno
On Thu, Aug 29, 2013 at 03:25:53AM +0000, Jim Small wrote:
> Wondering if anyone has done penetration testing on an older Windows 2008 R2 Server setup for DirectAccess with all the transition technologies on (6to4/Teredo/ISATAP) with no hardening. My thought is you might be able to gain some internal access/reconnaissance via a Teredo/Miredo client or leveraging 6to4/Teredo weaknesses. I think DA by itself is pretty solid (open to hear otherwise though), but the transition technologies have issues if not locked down. I think some people setting up DA don't understand IPv6 or the transition technologies and are blindly following a point-and-click guide. ISATAP may also be deployed internally if NAT64 wasn't set up -or- UAG may also be present acting as a NAT64 gateway potentially even providing internal IPv4 access. I'm not sure how strict the default firewall policy is. Thus these types of setups could be interesting to a penetration tester.
>
> Any comments welcome,
> --Jim
--
Enno Rey
ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 174 3082474
Handelsregister Mannheim: HRB 337135
Geschaeftsfuehrer: Enno Rey
Troopers 2013 Videos online: http://www.youtube.com/user/TROOPERScon?feature=watch
=======================================================
Blog: www.insinuator.net || Conference: www.troopers.de
=======================================================