...@vt.edu
Sent: Monday, January 19, 2009 11:48 AM
To: Lukas Th. Hey
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Exploitation of unused IPv6-capabilities
On Sun, 18 Jan 2009 22:17:44 +0100, Lukas Th. Hey said:
Attack: Have an IPv6 tunnel with appropriate prefix
Hi,
The papers pointed to by the others are basically straightforward
and not really new issues if you know how
ARP poisoning works. The thing that makes me wonder
and adds some new points is
'As soon as the victim has an IPv6 address issued by your radvd it will
prefer -entries over
* Sebastian Krahmer:
What do you mean by that? I looked at the glibc resolver,
it might be that if getaddrinfo() does not get proper
ai_family arguments of AF_INET, it will accept records.
So, the application which thinks it is using IPv4 DNS resolving
will eventually connect using IPv6?
On Sun, 18 Jan 2009 22:17:44 +0100, Lukas Th. Hey said:
Attack: Have an IPv6 tunnel with appropriate prefix delegated.
Configure your machine to propagate the prefix and
switch on IPv6 routing.
Yes, that attack unfortunately often works quite well.
Hi folks,
while playing around I had an idea for some new kind of mitm which
works quite well here.
Affected: All operating systems with unused IPv6 capabilities
listening to router advertisements (radvd for example)
Attack: Have an IPv6 tunnel with appropriate
Hi,
Hi folks,
while playing around I had an idea for some new kind of mitm which
works quite well here.
do you mean like:
http://tools.ietf.org/html/draft-chown-v6ops-rogue-ra-02
http://www.tml.tkk.fi/~pnr/publications/WiSe2002-Arkko.pdf
yes, we're aware of the issues for some time now.
Hiho,
$!
$! http://tools.ietf.org/html/draft-chown-v6ops-rogue-ra-02
$! http://www.tml.tkk.fi/~pnr/publications/WiSe2002-Arkko.pdf
$!
I think it's a topic where admins have to be a bit more sensitive.
;-) Still works like a charm and they have not the slightest idea. But
nice to see that this