[ipv6hackers] The state of IPv6 (pen)testing and the future

Joe Klein jsklein at gmail.com
Wed Jan 23 22:35:18 CET 2013 

Marc,

I was doing IPv6 penetration testing classes with labs, between
2006-2010, leveraging both public tools and those in my private
unreleased libraries. At that time I had over 150 tools that work
well, but it seems the vast majority of the tools have been removed
from the Internet. Now I just contribute my attack ideas to Metasploit
team, when I have to time.

Unless things change, I suspect I will not be presenting any of my new
IPv6 work publicly for sometime.

Joe Klein


Joe Klein
On Wed, Jan 23, 2013 at 4:23 AM, Marc Heuse <mh at mh-sec.de> wrote:
> Hi guys,
>
> it has become pretty quiet on the list. As the depletion of IPv6 in
> north america will take until beginning of next year [1] and a lot of
> common topics have been already discussed here, I think thats
> understandable.
>
> So, I would like to ask some things on the status of people actively
> doing IPv6 security.
>
> Is anyone presenting on new IPv6 security issues in 2013?
> I will do one presentation at the german IPv6 congress in June with some
> new stuff, but so far that is it. In 2012 it was all Fernando, me plus
> one talk by Antonios Atlasis at Blackhat about extension headers and
> fragments [2].
> (or did I miss a talk with new content?)
>
> Is anyone providing public IPv6 pentesting trainings in 2013?
> For securing there are a few (few!), but for full hands-on pentesting, I
> am not aware of anyone else besides me (and my plan so far is only at
> CanSecWest, HITB Amsterdam, Sysscan and 44con so far) - so if you do,
> please send this to the list. We need more IPv6 security/pentest
> training to educate people!
>
> Coming to tools. I am only aware of two IPv6 pentesting tools emerging
> in 2012: the Topera IPv6 Port Scanner [3] and the SinFP3 Fingerprinting
> Tool [4]. This is ... disappointing. On the plus side, the IPv6 support
> (especially scripts) with nmap got a lot better. Did I miss tools here?
> Of course there were updates to Fernando's tools and mine.
> But the lack of IPv6 pentesting/security tools is an issue.
>
> Which brings me to my last topic - the thc-ipv6 toolkit currently
> contains ~50 attack and assessment tools. The last update (v2.2) came
> out on the 27th of December 2012. And at the moment I only have a few
> ideas left what to add, so:
> please send me your wishes, ideas, critizism what I could add/enhance to
> thc-ipv6 package! :-)
>
> Happy 2013 and lets see what IPv6 brings us in this new year.
>
> Greets,
> Marc
>
> [1] http://www.potaroo.net/tools/ipv4/index.html
> [2]
> https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-Slides.pdf
> [3] http://code.google.com/p/topera/
> [4] http://www.networecon.com/tools/sinfp/
>
> --
> Marc Heuse
> www.mh-sec.de
>
> PGP: FEDD 5B50 C087 F8DF 5CB9  876F 7FDD E533 BF4F 891A
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers

More information about the Ipv6hackers mailing list