lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <51202144.5020301@si6networks.com>
Date: Sat, 16 Feb 2013 21:16:04 -0300
From: Fernando Gont <fgont@...networks.com>
To: Full Disclosure <full-disclosure@...ts.grok.org.uk>, 
	"bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: Scanning the IPv6 Internet with the scan6 tool
	(SI6 IPv6 toolkit)

Folks,

A while ago we had published an IETF Internet-Draft about IPv6 Network
Reconnaissance ("Network Reconnaissance in IPv6 Networks", available at:
<http://tools.ietf.org/html/draft-ietf-opsec-ipv6-host-scanning-00>).

Our scan6 tool (part of the SI6 Networks' IPv6 toolkit
<http://www.si6networks.com/tools/ipv6toolkit>) allows you to play with
the different IPv6 address scanning techniques.

It's simple to play/try: Find an IPv6 node (e.g., "dig DOMAIN aaaa", and
figure out the pattern... or simply scan for the predefined scan
patterns that scan6 implements). "traceroute6 DOMAIN" will give you the
IPv6 addresses of the intervening routers (which generally follow very
easy/straightforward patterns).

We're really eager to get feedback from the community... there's still
lots to research on this subject, so... the more input we get form the
community (whether on-list or off-list), the better the next releases of
scan6 will be. (Have we missed any patterns? How about other
virtualization technologies that scan6 does not yet support? etc.)

As you probably know, we typically discuss IPv6 security issues on the
IPv6 hackers mailing-list
<http://www.si6networks.com/community/mailing-lists.html> -- feel free
to join -- it's a low-noise and very focused list.

P.S.: Please do read the scan6 manual page before using the tool .. you
might cause trouble to the target network and/or to your own network.

Thanks!

Best regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@...networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ