Seeking IPv6 Security Resources

Tue Nov 25 21:24:09 UTC 2014

--- cgrundemann at gmail.com wrote:
From: Chris Grundemann <cgrundemann at gmail.com>

I am looking for IPv6 security resources to add to:
http://www.internetsociety.org/deploy360/ipv6/security/

These could be best current practice documents, case-studies,
lessons-learned/issues-found, research/evaluations, RFCs, or anything else
focused on IPv6 security really.

I'm not requesting that anyone do any new work, just that you point me to
solid public documents that already exist. Feel free to share on-list or
privately, both documents you may have authored and those you have found
helpful.
------------------------------

http://www.si6networks.com/tools/ipv6toolkit/index.html

List of Tools
 •addr6: An IPv6 address analysis and manipulation tool.
 •flow6: A tool to perform a security asseessment of the IPv6 Flow Label.
 •frag6: A tool to perform IPv6 fragmentation-based attacks and to perform a security assessment of a number of fragmentation-related aspects.
 •icmp6: A tool to perform attacks based on ICMPv6 error messages.
 •jumbo6: A tool to assess potential flaws in the handling of IPv6 Jumbograms.
 •na6: A tool to send arbitrary Neighbor Advertisement messages.
 •ni6: A tool to send arbitrary ICMPv6 Node Information messages, and assess possible flaws in the processing of such packets.
 •ns6: A tool to send arbitrary Neighbor Solicitation messages.
 •ra6: A tool to send arbitrary Router Advertisement messages.
 •rd6: A tool to send arbitrary ICMPv6 Redirect messages.
 •rs6: A tool to send arbitrary Router Solicitation messages.
 •scan6: An IPv6 address scanning tool.
 •tcp6: A tool to send arbitrary TCP segments and perform a variety of TCP-based attacks.

scott