IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [ipv6]

IPv6 is the next generation protocol for Internet networking. IPv6 expands on the current Internet Protocol standard known as IPv4. Compared to IPv4, IPv6 offers better addressing, security and other features to support large worldwide networks.

IPv6 is the next generation protocol for Internet networking. IPv6 expands on the current Internet Protocol standard known as IPv4. Compared to IPv4, IPv6 offers better addressing, security and other features to support large worldwide networks.

70 questions
1
vote
1 answer

My ISP provides IPv6 natively but my VPN does not support IPv6

I have an internet connection that is soon rolling out IPv6 native support but my VPN connection is far from rolling out IPv6 connection. Can there can be any sort of leak if I still connect to my VPN while my ISP gives me an IPv6 address? Moreover,…
Skynet
  • 598
  • 5
  • 12
1
vote
1 answer

Is only using one IP address version (IPv4/IPv6) an availability risk?

Most websites configure their domain name server records only with A records for the use in IPv4 networks only. Some websites have configured AAAA records as well for use in IPv6 networks, using both IPv4 and IPv6. This basically means that a server…
Bob Ortiz
  • 6,234
  • 8
  • 43
  • 90
1
vote
1 answer

Is there a compatibility issue between IPv6 and security testing tools?

Now that IPv6 is slowly coming into the picture, will there be a compatibility issue with using security testing tools, e.g.,: Network vulnerability scanning tools Web Applicaiton vulnerability assessment tools Secure source code analysis tools …
Karthik
  • 2,254
  • 4
  • 19
  • 19
1
vote
1 answer

Searching a tool to perform SSL/TLS handshakes and store data

As the title says, I am searching for a tool, which can do the following: Do SSL Handshake beeing given a list of IP-Addresses Support SNI (in that case hostnames would be in the list, too) Performance (scalable on list with multiple 100 million…
Hansi
  • 87
  • 1
  • 1
  • 6
1
vote
2 answers

Bypassing the GFW with IPv6 and proxying all IPv4 traffic

I hope I'm in the right forum for this kind of question. I'm in China and as you're probably all aware, the Great Firewall (GFW) blocks a lot of websites. Surprisingly, when using the IPv6 connection provided by CERNET (academic university network),…
leosh
  • 111
  • 3
1
vote
1 answer

What are the risks of removing ISATAP from the default global block list?

The process of installing Microsofts pseudo VPN called Direct Access requires me to remove the ISATAP name from the default global block list by running this command: dnscmd /config /globalqueryblocklist wpad What are the implications of running…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
1
vote
1 answer

Is KDD CUP methodology sufficient to describe all possible attacks in IPv6?

KDD CUP dataset has been used to train IPv4 intrusion detection systems. The attacks are identified with the help of these pre-determined features. Are these features sufficient to classify the attacks in IPv6? In other words, is KDD CUP…
Star Seller
  • 11
  • 1
1
vote
1 answer

How do I scan for and discover active IPv6 addresses of devices behind a router?

Usually with IPv4 and NAT you can only access a device behind a router if the router is port-forwarded correctly or is the router's DMZ. When behind the router you can easily scan for the IPs behind the router, usually in the 192.168.0.1/24 or…
Sam
  • 11
  • 2
0
votes
1 answer

Is NAT66 increasing security?

NAT is so standard for IPv4 that nobody thinks about it but for IPv6 it's considered a really bad option. (Article from APNIC) Of course there's the stateless NPTv6 and the firewall can be configured such that the clients don't get unwanted inbound…
Philip
  • 199
  • 1
  • 7
0
votes
0 answers

Suspicious incoming connection attempts from random IPv6 addresses on local network on macOS

I've been using Little Snitch on my Macbook and I have since a long time a rule to alert on any incoming IPv6 connection, which would be suspicious since I use IPv4 only. Since a couple of days I've been getting regular alerts for incoming…
Rolf W.
  • 101
  • 2
0
votes
1 answer

IPv6 address leaking despite VPN?

Given that commands like ifconfig or ip address don't require root privileges, apps can access information about ip address. If you use ipv4, you are normally behind NAT and apps would get an address in the 192.168... range, which is not very…
lolz
  • 11
  • 3
0
votes
0 answers

Is NMAP UDP scanning for IPV6 fully supported and mature?

When I read the docs on nmap.org about UDP support for IPV6 on nmap site I notice that "UDP is not supported". I know that the syntax is there, but when I run a scan against a target that is configured to send ICMP unreachables I cannot achieve good…
postoronnim
  • 375
  • 3
  • 10
0
votes
2 answers

Disabling IPV6 firewall with IPV6 disabled

Our router (Asus RT-AC68U) has been slowing down our speeds, up until I disabled the IPV6 firewall (Went from 250 to 380, which is the modem cap for now). We've always had IPV6 disabled on the router, but I was wondering if it poses any security…
John
  • 3
  • 1
0
votes
0 answers

What is the most restrictive way to allow IPv6 ICMP requests on iptables?

This is what I have so far but it is pretty open. *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -p ipv6-icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A OUTPUT -p ipv6-icmp -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -m state…
sunknudsen
  • 169
  • 1
  • 8
0
votes
0 answers

Is it a Bad Idea™ to open all IPv6 ports for devices in an isolated guest network?

At home I have a dual-stack IPv4/IPv6 broadband connection, and I also have a wireless access point. The access point currently bridges all traffic into my LAN, which is not segmented in any way, so all visitors that use my wireless network have the…
eomanis
  • 1
  • 1
1 2 3
4
5