
Stupid Little IPv6 Tricks

With the IPv6 Summit on Friday, various IPv6-related topics are of course on my mind. So I figured I would put together a quick laundry list of "stupid little IPv6 tricks/topics". Let me know what issues you are running into as well.

1 - Proxies
Right now, many web sites use proxies to provide IPv6 access. The result is some "interesting" behaviour that you may experience:
  • The IPv6 version of the site may be out of date because the proxy cached it.
  • The IPv6 version may use a different certificate (see an earlier story about this).
  • A site may be down via IPv6 (because of a proxy problem) but up via IPv4.
  • The actual web application isn't coded to look at the X-Forwarded-For or similar header, so it has no idea where you are coming from and you run into rate limits.
2 - Extension Headers
Security devices still have issues with extension headers. They may miss attacks, or just misinterpret packets.
  • IDSs will not reassemble sessions correctly as they do not know if a packet will be dropped or not.
  • Firewalls may block packets (or let them pass) as they can't figure out the protocol.
  • Packet analysis tools will give you the wrong interpretation of a packet.
3 - Log Analysis / Address Interpretation
I still see log analysis tools that at first sight seem to work fine with IPv6, but they don't "normalize" the addresses, meaning that 2001:db8::1 is not considered equal to 2001:0db8::1 or 2001:0db8:0000:0000:0000:0000:0000:0001.
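One way to normalize addresses before comparing or counting them, as an added example that is not from the original post: Python's standard `ipaddress` module parses every spelling to the same value. The log lines are constructed and the function names are hypothetical; the handling of zone IDs, bracketed addresses and IPv4-mapped addresses goes beyond the case in the text.

```python
import ipaddress
import re
from collections import Counter

# Candidate tokens: runs of hex digits, colons and dots containing at least one
# colon, with an optional %zone suffix. Timestamps also match; parsing rejects them.
_CANDIDATE = re.compile(r"(?<!\w)[0-9A-Fa-f:.]*:[0-9A-Fa-f:.]*(?:%[\w.-]+)?")

def canonical(token):
    """Return the compressed lowercase form of an IPv6 token, or None."""
    addr_text = token.split("%", 1)[0]  # drop a zone id such as fe80::1%eth0
    try:
        addr = ipaddress.IPv6Address(addr_text)
    except ValueError:
        return None  # not an address (e.g. 12:00:01 or a stray ":")
    if addr.ipv4_mapped is not None:
        # ::ffff:a.b.c.d is an IPv4 client seen through a dual-stack socket
        return str(addr.ipv4_mapped)
    return addr.compressed

def normalize_line(line):
    """Rewrite every IPv6 address in a log line to its canonical form."""
    return _CANDIDATE.sub(lambda m: canonical(m.group(0)) or m.group(0), line)

def count_sources(lines):
    """Count events per canonical source address."""
    hits = Counter()
    for line in lines:
        for m in _CANDIDATE.finditer(line):
            addr = canonical(m.group(0))
            if addr:
                hits[addr] += 1
    return hits

# Constructed sample: one host written four ways, plus an IPv4-mapped client.
SAMPLE_LOG = [
    "May  1 12:00:01 sshd[811]: Failed password for root from 2001:db8::1 port 4022",
    "May  1 12:00:03 sshd[811]: Failed password for root from 2001:0db8::1 port 4023",
    "May  1 12:00:05 sshd[811]: Failed password for root from "
    "2001:0DB8:0000:0000:0000:0000:0000:0001 port 4024",
    "May  1 12:00:07 httpd: client [2001:db8:0:0:0:0:0:1]:51514 GET /login",
    "May  1 12:00:09 httpd: client ::ffff:192.0.2.7 GET /login",
]

if __name__ == "__main__":
    for addr, n in count_sources(SAMPLE_LOG).most_common():
        print(f"{n:3d}  {addr}")
```

A tool that compares the raw strings would see four different sources in the first four lines and never reach a per-source threshold.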
4 - Spam
Probably the most common IPv6 "attack" I see is spam, probably by accident (both ends happen to support IPv6), but it works quite well as there are still no real block lists for IPv6.
5 - Portscans
So far, we see pretty much no port scans on IPv6 (which is kind of good ;-) ). It is still a decent idea to "hide" an SSH server in IPv6 space.
BTW: Don't forget that we are now able to accept IPv6 firewall logs, not just IPv4!

Source: SANS