DoS against IPv6?

Pekka Savola pekkas@netcore.fi
Thu, 19 Jul 2001 15:08:32 +0300 (EEST)


On Thu, 19 Jul 2001 itojun@iijlab.net wrote:
> >I'm writing a thesis about DoS/DDoS methods against IPv6/IPsec.
> >
> >If anyone knows any previous papers about subject, especially if they
> >contain DoS-attacks in theory, but haven't implemented them, I could use
> >those as references. I allready have some ICMPv6 attacks documented, but
> >I need still more and other types.
>
> 	i have never seen IPv6 DDoS papers/whatever, but there are a couple
> 	of interesting ones.
>
> 	abuse tools:
>
> 	there was a tool to forge packets that cross IPv6-over-IPv4 tunnel,
> 	and lets bad guys inject any IPv6 traffic into the 6bone without
> 	revealing identity.  this could be used as a starting point for DoS.
>
> 	DoS possibility due to spec twist:
>
> 	http://www.securityfocus.com/templates/archive.pike?threads=1&list=1&start=2001-06-24&mid=193046&fromthread=1&end=2001-06-30&
> 	draft-ietf-ipngwg-p2p-pingpong-00.txt
> 	draft-itojun-ipv6-transition-abuse-01.txt

Also, work-in-progress draft-huitema-shipworm-00.txt (not implemented yet,
just fresh out of the oven..) would allow you to anonymously flood IPv4
UDP ports with encapsulated IPv6 packets.  This might be something to
watch out for in the future.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords