«
Expand/Collapse
196 items tagged "ipv"
Related tags:
security implications [+],
evasion [+],
bugtraq [+],
assessment tool [+],
assessment [+],
neighbor [+],
hacking [+],
cpni [+],
security assessment [+],
hack [+],
cisco ios [+],
address [+],
toolkit [+],
target system [+],
red hat security [+],
kernel packages [+],
implications [+],
gnu linux [+],
cisco security advisory [+],
cisco security [+],
advisory [+],
vectors [+],
protocol [+],
networks [+],
network [+],
ipv6 security [+],
cisco ios software [+],
video [+],
series switches [+],
series [+],
reconnaissance [+],
paris [+],
null pointer [+],
local network [+],
ipv6 transition [+],
ipv6 support [+],
ipv4 networks [+],
ipv4 addresses [+],
headers [+],
full disclosure [+],
fragmentation [+],
chaos communication congress [+],
Software [+],
kernel [+],
utf 8 [+],
tags [+],
south korea [+],
sniffer [+],
sinfp [+],
simple [+],
security presentation [+],
request packet [+],
protocol features [+],
presentation [+],
packet sender [+],
packet [+],
own tools [+],
optional [+],
network discovery [+],
monitoring tool [+],
matt ryanczak [+],
mac os 10 [+],
mac os [+],
mac address [+],
mac [+],
local area networks [+],
kernel module [+],
jumbograms [+],
john curran [+],
japan [+],
ipv6 protocol suite [+],
introduction [+],
internet protocol version 6 [+],
internet protocol version [+],
implementing [+],
ietf [+],
icmp echo request [+],
host [+],
header [+],
flow label [+],
flow [+],
flaw [+],
europe [+],
dnspoison [+],
dns response [+],
dns request [+],
dns [+],
discovery [+],
detection [+],
debian gnu [+],
central server [+],
black hat [+],
auto configuration [+],
authors [+],
audio [+],
ascii keyboard [+],
address assignment [+],
linux [+],
service vulnerability [+],
linux kernel [+],
denial of service [+],
whitepaper [+],
warfield [+],
vulnerability [+],
vulnerabilities [+],
vast [+],
transitioning [+],
training [+],
topera [+],
tcp port scanner [+],
socket programming [+],
sanity checks [+],
router [+],
reference [+],
redirect [+],
ra guard [+],
port [+],
particularity [+],
new [+],
myths [+],
multiple [+],
michael h. warfield [+],
lease expiration [+],
joe klein [+],
isc dhcp [+],
isc [+],
ipv6 protocol stack [+],
ipv6 neighbor discovery [+],
ipv6 host [+],
ipv6 header [+],
ipv6 address space [+],
interoperability [+],
internet draft [+],
internet control message protocol [+],
implicaitons [+],
implementations [+],
icmpv [+],
hacking reference [+],
error messages [+],
dhcp [+],
cisco ios device [+],
analysis [+],
advertisement [+],
address space [+],
address resolution protocol [+],
ipv4 and ipv6 [+],
security [+],
framework [+],
smtp messages [+],
gnunet [+],
abstraction layer [+],
world [+],
viewpoint [+],
vendors [+],
update [+],
trillions [+],
time [+],
tcp sockets [+],
tcp [+],
talk [+],
strategy tactics [+],
spam [+],
slideware [+],
seil [+],
security tools [+],
security authors [+],
routing [+],
remote security [+],
registrar [+],
read [+],
proxy squid [+],
privacy [+],
presentation slides [+],
portugal [+],
ping statistics [+],
philippe biondi [+],
pdf [+],
paper [+],
open ssh [+],
nmap [+],
nightmare [+],
nids [+],
networks network [+],
network firewalls [+],
mpls [+],
marc heuse [+],
kenneth geers [+],
ipv6 stacks [+],
ipv6 protocol [+],
ipv6 project [+],
ipv6 address [+],
intro [+],
interface [+],
icmp [+],
icann [+],
host record [+],
host enumeration [+],
hackers [+],
geers [+],
force reload [+],
errata [+],
enumeration [+],
domain registrar [+],
domain [+],
dnssec [+],
denial [+],
cve [+],
conntrack [+],
cisco [+],
biondi [+],
belgium [+],
beef 2 [+],
available tools [+],
assigns [+],
asia [+],
arin [+],
apache httpd [+],
amp [+],
alexander eisen [+],
Tools [+],
p framework [+],
IPv6 [+],
tool [+],
tool 1 [+],
slides [+],
neighbor discovery [+],
ipv6 networks [+]
-
-
12:48
»
Packet Storm Security Recent Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
12:48
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
12:48
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
12:48
»
Packet Storm Security Misc. Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
-
15:00
»
Packet Storm Security Tools
Topera is a brand new TCP port scanner under IPv6, with the particularity that these scans are not detected by Snort.
-
15:00
»
Packet Storm Security Tools
Topera is a brand new TCP port scanner under IPv6, with the particularity that these scans are not detected by Snort.
-
-
17:56
»
Packet Storm Security Recent Files
Recent security research seems to indicate that a number of IPv6 Neighbor Discovery implementations fail to implement basic sanity checks on received packets and/or fail to properly manage protocol data structures, being subject of trivial Denial of Service (DoS) attacks. Additionally, some IPv6 protocol features allow a number of attacks, ranging from man-in-the-middle to Denial of Service (DoS). This document discusses how to conduct a security/robustness assessment of Neighbor Discovery implementations by means of the SI6 Networks' IPv6 toolkit - a free, portable, and fully-featured IPv6 security assessment and trouble-shooting toolkit. Additionally, it provides pointers to ongoing work in this area, such that the aforementioned issues can be mitigated where appropriate.
-
17:56
»
Packet Storm Security Misc. Files
Recent security research seems to indicate that a number of IPv6 Neighbor Discovery implementations fail to implement basic sanity checks on received packets and/or fail to properly manage protocol data structures, being subject of trivial Denial of Service (DoS) attacks. Additionally, some IPv6 protocol features allow a number of attacks, ranging from man-in-the-middle to Denial of Service (DoS). This document discusses how to conduct a security/robustness assessment of Neighbor Discovery implementations by means of the SI6 Networks' IPv6 toolkit - a free, portable, and fully-featured IPv6 security assessment and trouble-shooting toolkit. Additionally, it provides pointers to ongoing work in this area, such that the aforementioned issues can be mitigated where appropriate.
-
17:54
»
Packet Storm Security Recent Files
Neighbor Discovery is one of the core protocols of the IPv6 suite, and provides in IPv6 similar functions to those provided in the IPv4 protocol suite by the Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP). Its increased flexibility implies a somewhat increased complexity, which has resulted in a number of bugs and vulnerabilities found in popular implementations. This document provides guidance in the implementation of Neighbor Discovery, and documents issues that have affected popular implementations, in the hopes that the same issues do not repeat in other implementations.
-
17:54
»
Packet Storm Security Misc. Files
Neighbor Discovery is one of the core protocols of the IPv6 suite, and provides in IPv6 similar functions to those provided in the IPv4 protocol suite by the Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP). Its increased flexibility implies a somewhat increased complexity, which has resulted in a number of bugs and vulnerabilities found in popular implementations. This document provides guidance in the implementation of Neighbor Discovery, and documents issues that have affected popular implementations, in the hopes that the same issues do not repeat in other implementations.
-
-
15:44
»
Packet Storm Security Recent Files
IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform address scanning attacks against IPv6 networks, and therefore IPv6 address scanning attacks have long been considered unfeasible. This document analyzes how traditional address scanning techniques apply to IPv6 networks, and also explores a number of other techniques that can be employed for IPv6 network reconnaissance. Additionally, this document formally obsoletes RFC 5157.
-
15:44
»
Packet Storm Security Misc. Files
IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform address scanning attacks against IPv6 networks, and therefore IPv6 address scanning attacks have long been considered unfeasible. This document analyzes how traditional address scanning techniques apply to IPv6 networks, and also explores a number of other techniques that can be employed for IPv6 network reconnaissance. Additionally, this document formally obsoletes RFC 5157.
-
-
20:35
»
Packet Storm Security Recent Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
20:35
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
20:35
»
Packet Storm Security Misc. Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
-
17:04
»
Packet Storm Security Recent Files
SinFP3 is a complete framework for network discovery. Its main purpose is to perform active fingerprinting, but it can also do passive fingerprinting. Both modes are available over IPv4 and IPv6. This new version introduces a plugin-based architecture, allowing anyone to develop their own tools around the framework.
-
17:04
»
Packet Storm Security Tools
SinFP3 is a complete framework for network discovery. Its main purpose is to perform active fingerprinting, but it can also do passive fingerprinting. Both modes are available over IPv4 and IPv6. This new version introduces a plugin-based architecture, allowing anyone to develop their own tools around the framework.
-
17:04
»
Packet Storm Security Misc. Files
SinFP3 is a complete framework for network discovery. Its main purpose is to perform active fingerprinting, but it can also do passive fingerprinting. Both modes are available over IPv4 and IPv6. This new version introduces a plugin-based architecture, allowing anyone to develop their own tools around the framework.
-
-
10:43
»
Packet Storm Security Recent Files
This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
-
10:43
»
Packet Storm Security Tools
This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
-
10:43
»
Packet Storm Security Misc. Files
This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
-
-
21:40
»
SecDocs
Tags:
IPv6 Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: After a short introduction on the differences of IPv4 to IPv6, the weaknesses in IPv6 will be shown. Highlight of the talk is the presentation of the THC-IPV6 Attack Toolkit, which includes all IPv6 attacks as well as a low level packet library for easy crafting packets. IPv6 is arriving slowly in Europe, but an important topic in Japan and South Korea, as IPv4 addresses are scarce. IPv6 will change the issues of security and hacking by a large degree. This speech will give a short introduction on the protocol differences, then show the vulnerabilities in the protocols and finally present the THC-IPV6 Attack Toolkit which includes the tools for all vulnerabilities shown, as well as a very easy packet crafting library.
-
8:10
»
SecDocs
Tags:
IPv6 Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: After a short introduction on the differences of IPv4 to IPv6, the weaknesses in IPv6 will be shown. Highlight of the talk is the presentation of the THC-IPV6 Attack Toolkit, which includes all IPv6 attacks as well as a low level packet library for easy crafting packets. IPv6 is arriving slowly in Europe, but an important topic in Japan and South Korea, as IPv4 addresses are scarce. IPv6 will change the issues of security and hacking by a large degree. This speech will give a short introduction on the protocol differences, then show the vulnerabilities in the protocols and finally present the THC-IPV6 Attack Toolkit which includes the tools for all vulnerabilities shown, as well as a very easy packet crafting library.
-
8:10
»
SecDocs
Tags:
IPv6 Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: After a short introduction on the differences of IPv4 to IPv6, the weaknesses in IPv6 will be shown. Highlight of the talk is the presentation of the THC-IPV6 Attack Toolkit, which includes all IPv6 attacks as well as a low level packet library for easy crafting packets. IPv6 is arriving slowly in Europe, but an important topic in Japan and South Korea, as IPv4 addresses are scarce. IPv6 will change the issues of security and hacking by a large degree. This speech will give a short introduction on the protocol differences, then show the vulnerabilities in the protocols and finally present the THC-IPV6 Attack Toolkit which includes the tools for all vulnerabilities shown, as well as a very easy packet crafting library.
-
-
19:18
»
Packet Storm Security Recent Files
ipv6mon is a tool for monitoring IPv6 address usage on a local network. It is meant to be particularly useful in networks that employ IPv6 Stateless Address Auto-Configuration (as opposed to DHCPv6), where address assignment is decentralized and there is no central server that records which IPv6 addresses have been assigned to which nodes during which period of time. ipv6mon employs active probing to discover IPv6 addresses in use, and determine whether such addresses remain active.
-
19:18
»
Packet Storm Security Tools
ipv6mon is a tool for monitoring IPv6 address usage on a local network. It is meant to be particularly useful in networks that employ IPv6 Stateless Address Auto-Configuration (as opposed to DHCPv6), where address assignment is decentralized and there is no central server that records which IPv6 addresses have been assigned to which nodes during which period of time. ipv6mon employs active probing to discover IPv6 addresses in use, and determine whether such addresses remain active.
-
19:18
»
Packet Storm Security Misc. Files
ipv6mon is a tool for monitoring IPv6 address usage on a local network. It is meant to be particularly useful in networks that employ IPv6 Stateless Address Auto-Configuration (as opposed to DHCPv6), where address assignment is decentralized and there is no central server that records which IPv6 addresses have been assigned to which nodes during which period of time. ipv6mon employs active probing to discover IPv6 addresses in use, and determine whether such addresses remain active.
-
-
20:05
»
Packet Storm Security Recent Files
This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.
-
20:05
»
Packet Storm Security Misc. Files
This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.
-
-
17:00
»
SecuriTeam
A vulnerability in the Linux IPv6 kernel when the nf_conntrack_ipv6 module is enabled allows remote attackers to trigger a denial of service by triggering a NULL pointer deference.
-
-
16:58
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1129-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
-
16:58
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-1129-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
-
16:58
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-1129-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
-
-
14:39
»
Packet Storm Security Recent Files
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
-
14:39
»
Packet Storm Security Tools
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
-
14:39
»
Packet Storm Security Misc. Files
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
-
14:32
»
Packet Storm Security Advisories
Ubuntu Security Notice 1507-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. An error was found in the Linux kernel's IPv6 netfilter when connection tracking is enabled. A remote attacker could exploit this flaw to crash a system if it is using IPv6 with the nf_contrack_ipv6 kernel module loaded. Various other issues were also addressed.
-
14:32
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1507-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. An error was found in the Linux kernel's IPv6 netfilter when connection tracking is enabled. A remote attacker could exploit this flaw to crash a system if it is using IPv6 with the nf_contrack_ipv6 kernel module loaded. Various other issues were also addressed.
-
14:32
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1507-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. An error was found in the Linux kernel's IPv6 netfilter when connection tracking is enabled. A remote attacker could exploit this flaw to crash a system if it is using IPv6 with the nf_contrack_ipv6 kernel module loaded. Various other issues were also addressed.
-
-
6:46
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1064-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
-
6:46
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-1064-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
-
6:46
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-1064-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
-
21:09
»
Packet Storm Security Recent Files
This toolkit house various IPv6 tool that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 8.2, NetBSD 5.1, OpenBSD 5.0, and Ubuntu 11.10.
-
21:09
»
Packet Storm Security Tools
This toolkit house various IPv6 tool that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 8.2, NetBSD 5.1, OpenBSD 5.0, and Ubuntu 11.10.
-
21:09
»
Packet Storm Security Misc. Files
This toolkit house various IPv6 tool that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 8.2, NetBSD 5.1, OpenBSD 5.0, and Ubuntu 11.10.
-
-
20:00
»
Packet Storm Security Recent Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
20:00
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
20:00
»
Packet Storm Security Misc. Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
-
13:22
»
Packet Storm Security Recent Files
This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.
-
13:22
»
Packet Storm Security Misc. Files
This document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.
-
-
17:20
»
Packet Storm Security Misc. Files
IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform host scanning attacks against IPv6 networks, and therefore IPv6 host scanning attacks have long been considered unfeasible. This document analyzes the IPv6 address configuration policies implemented in most popular IPv6 stacks, and identifies a number of patterns in the resulting addresses lead to a tremendous reduction in the host address search space, thus dismantling the myth that IPv6 host scanning attacks are unfeasible.
-
-
21:27
»
SecDocs
Authors:
Marc Heuse Tags:
IPv6 Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: New protocol features have been proposed and implemented in the last 5 years and ISPs are now slowly starting to deploy IPv6. This talk starts with a brief summary of the issues presented five years ago, and then expands on the new risks. Discovered implemention security issues in Windows 7/2008, Linux and Cisco will be shown too. Comes with a GPL'ed toolkit: thc-ipv6 Five years have past since my initial talk on IPv6 insecurities at the CCC Congress. New protocol features have been proposed and implemented since then and ISPs are now slowly starting to deploy IPv6. Few changes have led to a better security of the protocol, several increase the risk instead. This talk starts with a brief summary of the issues presented 5 years ago, and then expands on the new risks especially in multicast scenarios. As an add-on, discovered implemention security issues in Windows 7/2008, Linux and Cisco will be shown too. Lets hope patches are out until the conference, if not - they had enough time. All accompanied with GPL'ed tools to and a library: the new thc-ipv6 package. rewritten, expanded, enhanced.
-
-
18:39
»
Packet Storm Security Recent Files
IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.
-
18:39
»
Packet Storm Security Misc. Files
IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.
-
-
9:47
»
Packet Storm Security Recent Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
9:47
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
9:47
»
Packet Storm Security Misc. Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
-
17:05
»
Packet Storm Security Recent Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
17:05
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
17:05
»
Packet Storm Security Misc. Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
7:06
»
Packet Storm Security Recent Files
These are the slides from a presentation called Results of a Security Assessment of the Internet Protocol version 6 (IPv6). It was presented at H2HC 2011.
-
7:06
»
Packet Storm Security Misc. Files
These are the slides from a presentation called Results of a Security Assessment of the Internet Protocol version 6 (IPv6). It was presented at H2HC 2011.
-
-
13:55
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco IOS Software is affected by two vulnerabilities that cause a Cisco IOS device to reload when processing IP version 6 (IPv6) packets over a Multiprotocol Label Switching (MPLS) domain. Workarounds that mitigate these vulnerabilities are available.
-
13:55
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco IOS Software is affected by two vulnerabilities that cause a Cisco IOS device to reload when processing IP version 6 (IPv6) packets over a Multiprotocol Label Switching (MPLS) domain. Workarounds that mitigate these vulnerabilities are available.
-
13:54
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.
-
13:54
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.
-
-
15:56
»
Packet Storm Security Recent Files
This file contains slides for the "Hacking IPv6 Networks" training provided at Hack in Paris 2011. They contain quite a few insights about IPv6 security, along with a number of practical examples.
-
15:56
»
Packet Storm Security Misc. Files
This file contains slides for the "Hacking IPv6 Networks" training provided at Hack in Paris 2011. They contain quite a few insights about IPv6 security, along with a number of practical examples.
-
0:05
»
Packet Storm Security Recent Files
IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers.
-
0:05
»
Packet Storm Security Misc. Files
IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers.
-
0:03
»
Packet Storm Security Recent Files
The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly employed to mitigate attack vectors based on forged ICMPv6 Router Advertisement messages. Many existing IPv6 deployments rely on RA-Guard as the first line of defense against the aforementioned attack vectors. This document describes possible ways in which current RA- Guard implementations can be circumvented, and discusses possible mitigations.
-
0:03
»
Packet Storm Security Misc. Files
The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly employed to mitigate attack vectors based on forged ICMPv6 Router Advertisement messages. Many existing IPv6 deployments rely on RA-Guard as the first line of defense against the aforementioned attack vectors. This document describes possible ways in which current RA- Guard implementations can be circumvented, and discusses possible mitigations.
-
-
15:31
»
Packet Storm Security Recent Files
This paper, called Security Implications of IPv6, was published by CPNI and is a collection of security implications to think about while transitioning to IPv6.
-
15:31
»
Packet Storm Security Misc. Files
This paper, called Security Implications of IPv6, was published by CPNI and is a collection of security implications to think about while transitioning to IPv6.
-
-
6:01
»
Packet Storm Security Recent Files
DNSpoison is a DNS request sniffer tool that forges a false DNS response for IPv4 and IPv6 addresses. Hijacked traffic is needed before starting the program. Tested on GNU/Linux and FreeBSD.
-
6:01
»
Packet Storm Security Tools
DNSpoison is a DNS request sniffer tool that forges a false DNS response for IPv4 and IPv6 addresses. Hijacked traffic is needed before starting the program. Tested on GNU/Linux and FreeBSD.
-
6:01
»
Packet Storm Security Misc. Files
DNSpoison is a DNS request sniffer tool that forges a false DNS response for IPv4 and IPv6 addresses. Hijacked traffic is needed before starting the program. Tested on GNU/Linux and FreeBSD.
-
-
7:35
»
Carnal0wnage
Nmap will scan IPv6 enabled hosts if you pass it the -6 switch, but only does TCP Connect scans and no OS identification, which makes sense because OS identification uses nuances of ipv4 responses...
carnal0wnage ~: nmap -6 -sV 2002:53e9:a52a::832:3316:5042 -p53,80,222
Starting Nmap 5.21 ( http://nmap.org ) at 2010-03-19 20:42 UTC
Nmap scan report for 2002:53e9:a52a::832:3316:5042
Host is up (0.17s latency).
PORT STATE SERVICE VERSION
53/tcp open domain ISC BIND 9.X
80/tcp open http nginx
222/tcp open ssh OpenSSH 5.1p1 Debian 5 (protocol 2.0)
Service Info: OS: Linux
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.92 seconds
carnal0wnage ~: nmap -6 -sV ::ffff:66.148.86.4
Starting Nmap 5.21 ( http://nmap.org ) at 2010-03-19 21:00 UTC
Nmap scan report for ::ffff:66.148.86.4
Host is up (0.024s latency).
Not shown: 795 closed ports, 203 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 1.3.41 ((Unix) PHP/5.2.9)
8080/tcp open http-proxy Squid webproxy 2.6.STABLE16
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.41 seconds
and metasploit supports ipv6
msf auxiliary(http_version) > run
[*] 2002:53e9:a52a:0000:0000:0832:3316:5042 is running nginx
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
-
-
18:13
»
Carnal0wnage
Getting IPv6 up and running
Install the miredo package:
$ sudo apt-get install miredo
After this command, you should see an IPv6 address beginning with "2001:0:" in your network settings (use 'ifconfig'). If so, you're connected to the IPv6 world.
Remove miredo system startup links:
$ sudo update-rc.d -f miredo remove
Usage:
$ sudo /etc/init.d/miredo {start|stop|restart|reload|force-reload}
If miredo is running you should have another interface called "teredo".
You can display it with the following command:
$ ifconfig teredo
To test if you can reach the IPv6 network, try the following:
carnal0wnage ~: ping6 ipv6.google.com PING ipv6.google.com(iw-in-x63.1e100.net) 56 data bytes 64 bytes from iw-in-x63.1e100.net: icmp_seq=1 ttl=55 time=284 ms 64 bytes from iw-in-x63.1e100.net: icmp_seq=4 ttl=55 time=100 ms 64 bytes from iw-in-x63.1e100.net: icmp_seq=5 ttl=55 time=108 ms --- ipv6.google.com ping statistics --- 7 packets transmitted, 3 received, 57% packet loss, time 6000ms rtt min/avg/max/mdev = 100.005/164.009/284.016/84.920 m
carnal0wnage ~: ping6 www.ipv6.org PING www.ipv6.org(igloo.stacken.kth.se) 56 data bytes 64 bytes from igloo.stacken.kth.se: icmp_seq=1 ttl=58 time=472 ms 64 bytes from igloo.stacken.kth.se: icmp_seq=2 ttl=58 time=156 ms 64 bytes from igloo.stacken.kth.se: icmp_seq=3 ttl=58 time=156 ms 64 bytes from igloo.stacken.kth.se: icmp_seq=5 ttl=58 time=156 ms 64 bytes from igloo.stacken.kth.se: icmp_seq=6 ttl=58 time=156 ms --- www.ipv6.org ping statistics --- 7 packets transmitted, 5 received, 28% packet loss, time 6000ms rtt min/avg/max/mdev = 156.009/219.212/472.027/126.408 ms
carnal0wnage ~: traceroute6 www.ipv6.org traceroute to www.ipv6.org (2001:6b0:1:ea:202:a5ff:fecd:13a6), 30 hops max, 40 byte packets 1 * * * 2 terminator.csbnet.se (2a02:9a0:0:1::193) 612.035 ms 612.035 ms 612.035 ms 3 c2sth-ge-5-0-8.sunet.se (2001:6b0:dead:beef:2::3a9) 648.037 ms 648.037 ms 648.037 ms 4 a1sth-kth.sunet.se (2001:6b0:dead:beef:2::2c6) 636.036 ms 636.036 ms 636.036 ms 5 2001:6b0:1:1d20::2 (2001:6b0:1:1d20::2) 736.042 ms 736.042 ms * 6 * 2001:6b0:1:1200::3 (2001:6b0:1:1200::3) 324.018 ms 324.018 ms 7 igloo.stacken.kth.se (2001:6b0:1:ea:202:a5ff:fecd:13a6) 160.009 ms 156.009 ms 156.009 ms
Changing teredo server:
sudo vi /etc/miredo.conf ServerAddress teredo.ipv6.microsoft.com sudo /etc/init.d/miredo restart
Windows XP
Install
Open the Terminal with Start -> Run -> cmd
netsh interface ipv6 install netsh interface ipv6 set teredo client
Uninstall
netsh interface ipv6 uninstall
Vista
Install
IPV6 and Teredo is enabled per default. You can get into the settings by going into the preferences for an network interface. "Obtain an IPv6 address automatically" should do the trick.
Uninstall
Add this registry value ("DWORD") set to 0xFF (long line, double-click, and copy):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents
Or save the two lines in a .reg file and double-click it:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters] "DisabledComponents"=dword:000000ff
You can also go to the interface properties of an network interface and deselect the IPv6 protocol for that interface. To enable IPv6 again, replace dword:000000ff above with dword:00000000.
Ref:
http://pugio.net/2007/07/howto-enable-ipv6-the-teredo-w.htmlhttps://blueimp.net/linux/howto/ipv6-teredo.html
-
-
18:00
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
18:00
»
Packet Storm Security Recent Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
-
16:00
»
Packet Storm Security Tools
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
-
16:00
»
Packet Storm Security Recent Files
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
0day.today (was: 1337day, Inj3ct0r, 1337db) (159 unread)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Darknet
The Exploitant
Hack a Day
Wirevolution