Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Researchers release tool to pickup the SLAAC in Man-In-The-Middle attacks using IPv6

Steve Ragan | Aug. 7, 2013
Technology from Neohapsis drastically drops the time needed for a Man-in-the-Middle attack using IPv6

When Waters published his instructions; the advice at the time with regard to defense against SLAAC Attacks was to disable IPv6 "on all capable hosts if theres no business reason to use it."

The issue many took with this advice was that it didn't address the problem, and then there's the fact that IPv6 is a way of life for many enterprise operations. However, Waters' research on SLACC proved that organizations can't ignore IPv6, as it exposed a layer of risk to the network each time a new host was deployed with the latest Microsoft OS.

"The most extreme way to mitigate the attack is to disable IPv6 on client machines," Behrens said.

"Unfortunately, this would hinder IPv6 adoption. Instead, we would like to see more IPv6 networks being deployed, along with the defenses described in RFC 6105 and the Cisco First Hop Security Implementation Guide. This includes using features such as RA Guard, which allows administrators to configure a trusted switch port that will accept IPv6 Router Advertisement packets, indicating the legitimate IPv6 router."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.