[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAAfuxn+Lc-6goMjS_-D-wASMrZtpNHBACrN9JvKKZwCx_qowRw@mail.gmail.com>
Date: Thu, 1 Sep 2011 11:34:57 +0200
From: Dan Luedtke <maildanrl@...glemail.com>
To: Full Disclosure <full-disclosure@...ts.grok.org.uk>,
"bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: Re: [Full-disclosure] HP A-series switches are affected, too. [WAS:
More on IPv6 RA-Guard evasion (IPv6 security)]
Hello Fernando, hello list,
you addressed a problem that many vendors suffer from at the moment.
Marc Heuse discovered this vulnerability, i guess, and he has
published a nice collection of tools to generate the packets mentioned
in your article.
More on that: http://thc.org/thc-ipv6/
Based on Marc's ideas I tested the mentioned attack on Hewlett
Packard's A-series switches, and I have to say that these attacks were
successful. That stopped us from implementing IPv6 for a while in our
network.
If you are interested, you can obtain my thesis as PDF-document here
https://www.danrl.de/dl/bachelor-thesis-luedtke.pdf
(Chapter Edge-Level might be the one of your interest)
By the way, I don't think it is a good idea to disallow any Extension
Headers in ND-Messages, I'd like switches to discard ND-Messages with
more that e.g. 3 chained headers. But that is another conversation...
I subscribed to the IPv6 Hackers mailing list, maybe we will have some
discussion about that over there.
regards,
danrl
--
danrl / Dan Luedtke
http://www.danrl.de
Powered by blists - more mailing lists