IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [ipv6]

IPv6 is the next generation protocol for Internet networking. IPv6 expands on the current Internet Protocol standard known as IPv4. Compared to IPv4, IPv6 offers better addressing, security and other features to support large worldwide networks.

IPv6 is the next generation protocol for Internet networking. IPv6 expands on the current Internet Protocol standard known as IPv4. Compared to IPv4, IPv6 offers better addressing, security and other features to support large worldwide networks.

70 questions
2
votes
0 answers

Throttling IPv6 requests - what would be a suitable subnet size?

I'm trying to come up with a request throttling policy for a web application based on IP addresses. For throttling requests for users on IPv4, a subnet size of /32 (i.e. a single IP address) is often good enough, since end users are very often…
user22260
2
votes
1 answer

Can ping flooding attacks still be implemented in a IPv6 network?

Can ping flooding attacks still be implemented in a IPv6 network? And what could be a good way to simulate such an attack?
JBoH
  • 21
  • 1
2
votes
3 answers

Spoofed MAC address with macchanger but cant connect to internet

So I used macchanger to spoof my mac address with these commands: sudo ifconfig (interface) down sudo macchanger -m (mac_address) (interface) sudo ifconfig (interface) up If I stop here I will not be able to connect to the internet. So I restart…
qstion6006
  • 21
  • 1
  • 2
2
votes
3 answers

Which tool (apart from nmap) can I use to scan a range of IPv6 addresses?

When I try to use nmap: # nmap -sP -6 FE80::1-234 [...] Failed to resolve given IPv6 hostname/IP: FE80::1-234. Note that you can't use '/mask' or '[1-4,7,100-]' style ranges for IPv6.[...] What other tool can I use?
seymourbirkoff
  • 41
  • 1
  • 1
  • 3
2
votes
1 answer

How do I protect my Windows computer against the IPV6 flood attack shown in this video

In the DefCon video "Three Generations of DoS Attacks (with Audience Participation, as Victims)", the speaker demonstrates how it is possible to crash a variety of devices by flooding them with IPV6 'Join Network' commands. 2 questions: Can…
JMK
  • 2,436
  • 7
  • 27
  • 38
2
votes
1 answer

Is possible for a vulnerability search engine to detect the ipv6 adresses?

Using IPV4 protocol, vulnerability search engines can detect and index Internet connected devices. It will be easy for a hacker to collect a lot of information about some devices and perform an attack. Is that possible for The new Internet protocol…
GAD3R
  • 2,211
  • 3
  • 15
  • 38
2
votes
0 answers

Is the crypto-key pair in IPv6 SeND persistent?

IPv6 introduces the NDP extension SeND to help mitigate identity theft, however, is the non-PKI public/private key pair used during the process persistent to some degree, or generated on every connection with the router? RFC3972 hints at a possible…
Shou
  • 121
  • 4
2
votes
2 answers

Telnet port open on my router public IPv6 address

Recently I upgraded my home router into this one. It is a cheap one, but it has features I needed: IPv6 support and Gigabit Ethernet. So I decided to give IPv6 a try. I configured a Hurricane Electric tunnel, so every PC on my home LAN got a public…
Nazar554
  • 123
  • 5
1
vote
2 answers

Assigning random IPv6 ranges to ISPs as a security measure

Pinging all the IPv4 address space takes about 5 hours (and can generate beautiful maps). Port-scanning doesn't take much longer and can reveal vulnerable services, such as remote administration of routers with default credentials or misconfigured…
isanae
  • 145
  • 5
1
vote
1 answer

Best methods to mitigate DDOS with changing IP sources

Source ip addresses can be spoofed. And because of IPv6 it is not enough to keep a look-up table of ip addresses that are excluded from visiting a website, because with ipv6 there are now enough ip addresses for a single sender to spoof to send…
user1709076
  • 149
  • 7
1
vote
0 answers

How to Prevent Attacker from Abusing IPv4-embedded IPv6 to Bypass Security Mechanism?

Section 5.3 of RFC6052 explained how an attacker could abuse the NAT64 translation mechanism to bypass security mechanism such as firewall or IDS/IPS if those devices only have an IPv4 blacklist. The mitigation is to convert the IPv4-embedded IPv6…
maximillian1
  • 48
  • 4
1
vote
0 answers

When using VPN, why do LAN IPv6 Addresses disappear in router LAN status?

My DSL/WiFi router lists the IPv6 GU- and LL- Address for each connected device, alongside the device's MAC address. When a device uses VPN, these addresses disappear from the LAN status listing. Why is that? Is the VPN dropping to IPv4? I am…
P2000
  • 121
  • 5
1
vote
0 answers

Custom IPv6 network and security risks

I draw a custom network (I would use that for developing and testing, my ISP does not support IPv6), there IPv4 and IPv6 are present. 'A' device has firewall: incoming blocked, only accept access (SSH) from 192.168.0.0/16 (private network) 'B'…
gergelymolnarpro
  • 11
  • 2
1
vote
0 answers

Does a browsers' vpn feature securely modify my ipv6 address?

If I use inbuilt vpn feature of a browser, does it modify my ipv6 address, making me safe as far as my mac address is concerned ? OS - Ubuntu 16.04. Browser - Opera
Sir Nutcase
  • 11
  • 1
1
vote
1 answer

ISP's defence methods against IPv6 Spoofing

I read about there being methods applied by ISP's to defend networks against IPv4 spoofing, but not too much about IPv6 spoofing. I'm wondering if someone has some knowledge if ISP's apply techniques against IPv6 spoofing.
XELA MI
  • 11
  • 1
1 2
3
4 5