[ipv6hackers] The state of IPv6 (pen)testing and the future

Marc Heuse mh at mh-sec.de
Wed Jan 23 10:23:40 CET 2013


Hi guys,

it has become pretty quiet on the list. As the depletion of IPv6 in
north america will take until beginning of next year [1] and a lot of
common topics have been already discussed here, I think thats
understandable.

So, I would like to ask some things on the status of people actively
doing IPv6 security.

Is anyone presenting on new IPv6 security issues in 2013?
I will do one presentation at the german IPv6 congress in June with some
new stuff, but so far that is it. In 2012 it was all Fernando, me plus
one talk by Antonios Atlasis at Blackhat about extension headers and
fragments [2].
(or did I miss a talk with new content?)

Is anyone providing public IPv6 pentesting trainings in 2013?
For securing there are a few (few!), but for full hands-on pentesting, I
am not aware of anyone else besides me (and my plan so far is only at
CanSecWest, HITB Amsterdam, Sysscan and 44con so far) - so if you do,
please send this to the list. We need more IPv6 security/pentest
training to educate people!

Coming to tools. I am only aware of two IPv6 pentesting tools emerging
in 2012: the Topera IPv6 Port Scanner [3] and the SinFP3 Fingerprinting
Tool [4]. This is ... disappointing. On the plus side, the IPv6 support
(especially scripts) with nmap got a lot better. Did I miss tools here?
Of course there were updates to Fernando's tools and mine.
But the lack of IPv6 pentesting/security tools is an issue.

Which brings me to my last topic - the thc-ipv6 toolkit currently
contains ~50 attack and assessment tools. The last update (v2.2) came
out on the 27th of December 2012. And at the moment I only have a few
ideas left what to add, so:
please send me your wishes, ideas, critizism what I could add/enhance to
thc-ipv6 package! :-)

Happy 2013 and lets see what IPv6 brings us in this new year.

Greets,
Marc

[1] http://www.potaroo.net/tools/ipv4/index.html
[2]
https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-Slides.pdf
[3] http://code.google.com/p/topera/
[4] http://www.networecon.com/tools/sinfp/

--
Marc Heuse
www.mh-sec.de

PGP: FEDD 5B50 C087 F8DF 5CB9  876F 7FDD E533 BF4F 891A



More information about the Ipv6hackers mailing list