[ipv6hackers] Looking for feedback on subjective top list of IPv6 security issues
jim.small at cdw.com
Fri Mar 8 04:49:03 CET 2013
> > 1) Remotely triggered neighbor cache exhaustion attacks (from subnet
Unique to IPv6 because of large subnet side and encapsulation of L2 address resolution within IPv6 (ICMP)
> > 2) RA floods (autoconfig prefixes, routes, etc...) which crash all
> L2 adjacent hosts with IPv6 enabled stacks
Unique? Well, I agree with Fernando/Marc - a result of immature IPv6 stacks...
> > 3) RA spoofing
Unique (sort of) - IPv4 does have ICMP router discovery, but I don't believe this was ever widely implemented
> > 4) DHCPv6 spoofing
> > 5) NDP (NS/NA) spoofing
Analogous to DHCP/ARP spoofing in IPv4
> > 6) NS floods - DoS
Again, IMHO because of immature IPv6 stacks.
> > 7) Fragmentation attacks
Not unique, see Antonios' preso but worse in IPv6 because of complexity of extension headers and stack immaturity.
> > 8) ICMPv6 redirect spoofing
Analogous to IPv4
> > 9) MLD/MLDv2 attacks - I'm not very clear on dangerous attacks for
> this one...
Somewhat analogous to IPv4 but interested to hear from Fernando/Marc as my impression is they think it's worse. Code immaturity again or additional IETF work needed? Not sure...
> > 10) "Discoverability" or the idea that you should use randomized
> addressing so as not to be discoverable from a "semi-intelligent" brute
> force scan (assuming you're not in DNS or some other registry)
New to IPv6 because of subnet size.
> > 11) Extension header attacks - this one is especially tough, probably
> lots more to find... I especially like Marc's warp packets with the router
> alert "high speed tag" which also double as ACL bypass agents.
New to IPv6.
> > 12) Tunnel attacks - I think the only interesting ones would be those
> against 6in4, ISATAP, and 6rd as IMHO those are the only ones that are in
> use. I have read about tunnel attacks but haven't played with this very
> much. Do you think this is a serious threat worth covering? Any
> suggestions on tools?
New to IPv6/transition issue.
> Just a question. Are any these unique or do they all have an approximate
> equivalent in Ipv4?
I feel like a padawan explaining something to a master. Did I answer your question or are you poking fun at me and I missed the bus? :-)
More information about the Ipv6hackers