Full Disclosure: Re: Hacking IPv6 Networks (slides)

["Dobbins, Roland" <rdobbins () arbor net>]

On Jul 26, 2011, at 10:35 PM, Fernando Gont wrote:

> They contain quite a few insights about IPv6 security, along with a number of practical examples.
Good stuff!

A few observations:

1.      By prepending lots of extension headers to packets, it may be possible to exhaust router ASIC/TCAM capacity, 
causing the traffic in question to be punted to the RP and thus leading to a DoS condition.

2.      The consonance of the English letters 'B', 'C', 'D', & 'E' is likely to result in untold billions of dollars of 
opex related to misconfigurations, outages, improper access policies contributing to security breaches, etc.  Whenever 
possible, IPv6 address-/netblock-related information should be transmitted in written form, not verbally.

3.      BGP and IGP mining can also be useful for hinted scanning.

4.      The numerous instantiations of additional state being added to networks in the form of 6-to-4 gateways, CGNs, 
et. al. as a result of IPv4 address exhaustion and IPv6 transition greatly increases the DoS risk, as well.  There's 
already far too much of this in the mobile/wireless world, resulting in numerous DoS conditions on those networks 
caused by portscans/hostscans/outbound & crossbound DDoS attacks initiated by botted hosts; now it's going to become 
even more common in the wireline world, as well.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

                The basis of optimism is sheer terror.

                          -- Oscar Wilde

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/