|
With the IPv6 Summit on Friday, various IPv6 related topics are of course on my mind. So I figured to put together a quick laundry list of "stupid little IPv6 tricks/topics". Let me know what issues you are running into as well: 1 - Proxies Right now, many web sites use proxies to provide IPv6 access. The result is some "interesting" behaviour that you may experience:
2 - Extension Headers Security devices still have issues with extension headers. They may miss attacks, or just misinterpret packets.
3 - Log Analysis / Address Interpreation I still see log analysis tools that at first sight seem to work fine with IPv6, but they don't "normalize" the addresses, meaning that 2001:db8::1 is not considered equal to 2001:0db8::1 or 2001:0db8:0000:0000:0000:0000:0000:0001. 4 - Spam Probably the most common IPv6 "attack" I see is spam, probably by accident (both ends happen to support IPv6) but it works quite well as there are still no real block list for IPv6. 5 - Portscans So far, we see pretty much no port scans on IPv6 (which is kind of good ;-) ). It is still a decent idea to "hide" an SSH server in IPv6 space. BTW: Don't forget that we are now able to accept IPv6 firewall logs, not just IPv4!
------ |
Johannes 4473 Posts ISC Handler Jun 12th 2013 |
| Thread locked Subscribe |
Jun 12th 2013 8 years ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
