[ipv6hackers] RFC 6980 Testing

Fernando Gont fgont at si6networks.com
Mon Dec 11 08:08:36 CET 2017


Hi, Enno!

On 12/08/2017 05:11 AM, Enno Rey wrote:
> Hi,
> 
> On Sun, Jun 25, 2017 at 06:19:06PM +0200, Marc Heuse wrote:
>> Hi,
>>
>> I just updated the thc-ipv6 repository on github to include the attack -
>> as it is working at least for FreeBSD and Windows that is already good
>> enough :) How about research on Linux and OS X?
> 
> testing of Linux has been performed in the interim:
> https://insinuator.net/2017/12/lets-talk-about-rfc-6980/https://insinuator.net/2017/12/lets-talk-about-rfc-6980/

Thanks for the pointer and the research!

Did a quick read of the article. So.. it would seem the vast majority of
OSes don't implement RFC6980, yet? -- Sad..

Question:
I'm curious about the structure of the packets for "two frags, two dest
options in fragmentable part" and "four frags, two dest opts in
fragmentable part". i.e., size of options, and size of headers -- trying
to figure out why the former didn't circumvent RA-Guard, but the later did.

I guess that, in-line with the aforementioned sadness, there's also
sadness that there's not much RFC7113 in Cisco's RA-Guard land...

Thanks!

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492






More information about the Ipv6hackers mailing list