Einschränkung der Auswahl
Alle Artikel aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2008/2009
oder nur Artikel des
• Entwickler Magazin aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2008-2010
alle (lang!)
• Mobile Technology aus
2019
2016
2015
2014
2012/2013
alle (lang!)
• PHP Magazin / PHP User aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2009/2010
alle (lang!)
• windows.developer / dot.Net Magazin aus
2019
2018
2017
2016
2015
2014
2013
2012
2008-2011
alle (lang!)
• oder der anderen Magazine
Risiko IPv6
Schwachstellen erkennen und beheben
Im
PHP Magazin 4.2017
ist ein Überblick über Schwachstellen in und Angriffe auf
IPv6 erschienen.
Links
- [1] RFC 4380 - Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)
- [2] James Hoagland; Symantec: "The Teredo Protocol: Tunneling Past Network Security and Other Security Implications" (PDF)
- [3] RFC 5991 - Teredo Security Updates
- [4] RFC 3056 - Connection of IPv6 Domains via IPv4 Clouds
- [5] RFC 3964 - Security Considerations for 6to4
- [6] RFC 5214 - Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)
- [7] Bill Cerveny; Arbor Networks: "Infrastructure Security Report: IPv6 DDoS Attacks"
- [8] Microsoft Security Bulletin MS13-065 - Important: "Vulnerability in ICMPv6 could allow Denial of Service (2868623)"
- [9] Wikipedia: Ping of Death
- [10] Scapy
- [11] scapy6.py
- [12] Arnaund Ebalard, Philippe Biondi; Hack in the Box Malaysia 2006: "Scapy and IPv6 networking"
(Präsentation als PDF)
- [13] GitHub: secdev/scapy: Scapy: the python-based interactive packet manipulation program & library
- [14] H.D. Moore; DEF CON 17 (2009): "Hacking the Next Internet"
(Material)
- [15] Sam Bowne; DEF CON 18 (2010): "Who Cares About IPv6?"
(Material)
- [16] Marc Heuse: "ICMPv6 Router Announcement flooding denial of service affecting multiple systems"
- [17] Sam Bowne; DEF CON 19 (2011): "Three Generations of DoS Attacks (with Audience Participation, as Victims)"
(Material)
- [18] CVE-2010-4669
- [19] Microsoft Security Bulletin MS14-006 - Important: "Vulnerability in IPv6 Could Allow Denial of Service (2904659)"
- [20] CVE-2014-0254
- [21] Nicolas Economou: Core Security: "MS14-006: "Microsoft Windows TCP IPv6 Denial of Service Vulnerability""
- [22] Alec Waters; InfoSec Institute: "SLAAC Attack – 0day Windows Network Interception Configuration Vulnerability"
- [23] Antonios Atlasis; Black Hat Europe 2012: "Attacking IPv6 Implementation Using Fragmentation"
(Video auf YouTube)
- [24] Marc Heuse; Hack in the Box Malaysia 2012: "IPv6 Insecurity Revolutions"
(Präsentation als PDF,
Video auf YouTube)
- [25] THC-IPV6 - attacking the IPV6 protocol suite
- [26] Antonios Atlasis; Black Hat Abu Dhabi 2012: "Security Impacts of Abusing IPv6 Extension Headers"
- [27] Sam Bowne, Matthew Prince; DEF CON 21 (2013): "Evil DoS Attacks and Strong Defenses"
(Material)
- [28] Chema Alonso; DEF CON 21 (2013): "Fear the Evil FOCA: IPv6 attacks in Internet connections"
(Material)
- [29] Scott Behrens, Brent Bandelgar; DEF CON 21 (2013): "MitM all the IPv6 Things"
(Material)
- [30] GitHub: Neohapsis/suddensix: IPV6 MITM attack tool
- [31] Mathias Morbitzer; Hack in the Box Malaysia 2013: "TCP Idle Scans in IPv6"
(Präsentation als PDF,
Master Thesis als PDF)
- [32] Antonios Atlasis, Enno Rey; Black Hat USA 2014: "Evasion of High-End IPS Devices in the Age of IPv6"
(Video auf YouTube)
- [33] Antonios Atlasis, Jayson Salazar, Rafael Schaefer; Black Hat Asia 2015: "MLD Considered Harmful - Breaking Another IPv6 Subprotocol"
(Video auf YouTube)
- [34] akamai’s [state of the internet] / security; Ausgabe 1. Quartal 2015 (PDF)
- [35] RFC 7123 - Security Implications of IPv6 on IPv4 Networks
- [36] [36] RFC 2461 - Neighbor Discovery for IP Version 6 (IPv6)
- [37] RFC 4861 - Neighbor Discovery for IP version 6 (IPv6)
- [38] RFC 3971 - SEcure Neighbor Discovery (SEND)
- [39] RFC 6980 - Security Implications of IPv6 Fragmentation with IPv6 Neighbor Discovery
- [40] DFN-CERT-2017-0076: "IPv6-Protokoll: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff"
- [41] Besina Ivan, Fránik Milan, Janko Ladislav; WeLiveSecurity-Blog: "Cyber-Kriminelle nehmen Router ins Visier"