[ipv6hackers] RA guard evasion
Matej Gregr
igregr at fit.vutbr.cz
Mon May 13 16:24:59 CEST 2013
Hi guys,
most of you are familiar with the concept of RA guard and its ability
to filter rogue RAs. We have tested 3 switches for access and
distribution layer and found, that we are able to evade the protection
quite easilly on all of them. First method is using fragment header and
this is well known and documented behaviour. However, you are also able
to evade the protection using several destination options headers (it
depends on the platform). We believe, that this behaviour is not well
documented, so we wrote an article.
http://6lab.cz/article/rogue-router-advertisement-attack/
Comments are welcome.
Regards,
Matej
More information about the Ipv6hackers
mailing list