Uploaded by skaro95

IPv6 Network Reconnaissance Presentation

advertisement
IPv6 Network Reconnaissance
Table of Contents
Threats -1 ........................................................................................................................................ 2
Notices ............................................................................................................................................ 4
Page 1 of 4
Threats -1
Threats -1
Publically Available Information
•
•
•
•
Not very different from IPv4
Web, Mail, DNS server IP addresses in DNS
DNS Zone Transfers
Server client access logs
Mitigation:
•
•
•
•
Default deny rules for unauthorized traffic
Consider privacy addressing
Proper use of Site-Local/Unique-Local Addressing (it’s not NAT, but...)
Split DNS and protection of private hostname/IPs
DEMO – IPv6 Network Recon
20
**020 So now we start to get to some more
fun. This is where it gets good. This is where
we can have some fun.
So when we get to the first threats, we
can look at publicly available information.
In IPv4, what is it? It's phone numbers.
It's network blocks. It's name server
queries. It's no different from IPv4, what
we're going to see in IPv6.
Web, Mail, DNS servers. Right? Those
are always going to be our targets.
Right? But DNS is going to be more of a
target now, because of all those funky
long names. And having such a big
range to scan, if you're a bad guy, you
can drastically decrease that, if you can
get in there and actually see some of your
IPs, and your hostnames.
Page 2 of 4
Server client access logs become really
important to protect. You might not care,
from a web server perspective, who's
accessing your website. But now all of a
sudden I can tell that Chris May, because
he's got a unique MAC address that
follows him wherever he goes-- whether
he's in China, or whether he's in South
America, or he's home in Cranberry-what's going to happen is his MAC
address, if he's using his EUI-64 address
on his computer, is now registered in all
those pornography websites, in their web
logs; and whatever the case might be.
Right?
So now I have a way to say, "I know who
this individual is because their MAC
address was used." Right? Now
obviously as security professionals, we
can argue whether or not that can be
spoofed, or it's really me, or whatever the
case might be. But that's a big problem
right now with privacy, that people are
concerned with, is that there's going to be
law enforcement, or whoever it is, and
people are going to know my surfing
habits, my computer use habits, based off
of this unique identifier that's tied to my
machine. Hence privacy extensions
come into play. Hence more difficult to
track anything that's going on, or set
access controls, if you use privacy
extensions. So we got some issues there.
Page 3 of 4
Notices
Notices
Copyright 2013 Carnegie Mellon University
This material has been approved for public release and unlimited distribution except as restricted below.
This material is distributed by the Software Engineering Institute (SEI) only to course attendees for their
own individual study. Except for the U.S. government purposes described below, this material SHALL NOT
be reproduced or used in any other manner without requesting formal permission from the Software
Engineering Institute at permission@sei.cmu.edu.
This material is based upon work funded and supported by the Department of Defense under Contract No.
FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute,
a federally funded research and development center.
The U.S. Government's rights to use, modify, reproduce, release, perform, display, or disclose this material
are restricted by the Rights in Technical Data-Noncommercial Items clauses (DFAR 252-227.7013 and
DFAR 252-227.7013 Alternate I) contained in the above identified contract. Any reproduction of this material
or portions thereof marked with this legend must also reproduce the disclaimers contained on this slide.
Although the rights granted by contract do not require course attendance to use this material for U.S.
Government purposes, the SEI recommends attendance to ensure proper understanding.
NO WARRANTY. THE MATERIAL IS PROVIDED ON AN “AS IS” BASIS, AND CARNEGIE MELLON
DISCLAIMS ANY AND ALL WARRANTIES, IMPLIED OR OTHERWISE (INCLUDING, BUT NOT LIMITED
TO, WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, RESULTS OBTAINED FROM USE OF
THE MATERIAL, MERCHANTABILITY, AND/OR NON-INFRINGEMENT).
CERT® is a registered mark of Carnegie Mellon University.
.
Page 4 of 4
Download