Re: [Full-disclosure] Hacking IPv6 Networks (slides)

["Dobbins, Roland" <rdobbins@xxxxxxxxx>]

On Jul 26, 2011, at 10:35 PM, Fernando Gont wrote:

> They contain quite a few insights about IPv6 security, along with a number of 
> practical examples.

Good stuff!

A few observations:

1.      By prepending lots of extension headers to packets, it may be possible 
to exhaust router ASIC/TCAM capacity, causing the traffic in question to be 
punted to the RP and thus leading to a DoS condition.

2.      The consonance of the English letters 'B', 'C', 'D', & 'E' is likely to 
result in untold billions of dollars of opex related to misconfigurations, 
outages, improper access policies contributing to security breaches, etc.  
Whenever possible, IPv6 address-/netblock-related information should be 
transmitted in written form, not verbally.

3.      BGP and IGP mining can also be useful for hinted scanning.

4.      The numerous instantiations of additional state being added to networks 
in the form of 6-to-4 gateways, CGNs, et. al. as a result of IPv4 address 
exhaustion and IPv6 transition greatly increases the DoS risk, as well.  
There's already far too much of this in the mobile/wireless world, resulting in 
numerous DoS conditions on those networks caused by 
portscans/hostscans/outbound & crossbound DDoS attacks initiated by botted 
hosts; now it's going to become even more common in the wireline world, as well.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@xxxxxxxxx> // <http://www.arbornetworks.com>

                The basis of optimism is sheer terror.

                          -- Oscar Wilde

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/