Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02

Nalini Elkins <nalini.elkins@insidethestack.com> Mon, 18 November 2013 15:02 UTC


Bill,

Is BMWG only concerned with intermediate nodes?



On Nov 14, 2013, at 8:50 AM, Nalini Elkins <nalini.elkins@insidethestack.com> wrote:

>Bill,
>
>
>As I commented at the BMWG meeting, IMHO a few things would be quite valuable to benchmark for IPv6.  I do not know if these are in scope of the charter.  We can certainly discuss further, if desired.
>
>
>1.  The impact of extension headers on performance
>     There has been quite a bit of discussion in v6ops and 6man about "long" extension headers and ASIC size.  That is, if the header gets too big, then it is routed slowly.   I, for one, would like to see some kind of formal discussion and benchmarking of this.
See http://tools.ietf.org/html/rfc5180#section-5.3, "IPv6 Benchmarking Methodology", section "Traffic with Extension Headers". There may be value in a more in-depth discussion and benchmarking of extension headers and their impact on routers / intermediate nodes.



>
>2.  Router advertisements:
>     Much "bad" stuff can be done with Router Advertisements.   See YouTube video: http://www.youtube.com/watch?v=TfsfNWHCKK0
>     I believe he got this from: https://www.thc.org/thc-ipv6/ which also has:
This was an interesting attack. I had replicated the behavior described in the YouTube video with Windows 7 and Windows 8 in VMs using flood_router6 in Nov. 2012. Sam Bowne had done a bit of research on this issue, including characterizing the behavior on multiple systems as well as confirming that Microsoft had mostly fixed the problem with patches in 2013.

A distinction with the flood_router6 Windows attack is that it didn't attack routers (intermediate nodes), as far as I know, and the attack could "only" be launched from the same "broadcast domain."

Bill

>- parasite6: icmp neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
>- alive6: an effective alive scanning, which will detect all systems listening to this address
>- dnsdict6: parallelized dns ipv6 dictionary bruteforcer
>- fake_router6: announce yourself as a router on the network, with the highest priority
>- redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
>- toobig6: mtu decreaser with the same intelligence as redir6
>- detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
>- dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
>- trace6: very fast traceroute6 which supports ICMP6 echo request and TCP-SYN
>- flood_router6: flood a target with random router advertisements
>- flood_advertise6: flood a target with random neighbor advertisements
>- exploit6: known ipv6 vulnerabilities to test against a target
>- denial6: a collection of denial-of-service tests against a target
>- fuzz_ip6: fuzzer for ipv6
>- implementation6: performs various implementation checks on ipv6
>- implementation6d: listen daemon for implementation6 to check behind a fw
>- fake_mld6: announce yourself in a multicast group of your choice on the net
>- fake_mld26: same but for MLDv2
>- fake_mldrouter6: fake MLD router messages
>- fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
>- fake_advertiser6: announce yourself on the network
>- smurf6: local smurfer
>- rsmurf6: remote smurfer, known to work only against linux at the moment
>- sendpees6: a tool by willdamn(ad)gmail.com, which generates neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice.
>- thcping6: sends a hand crafted ping6 packet
> 
> 
>Thanks,
>
>
>Nalini Elkins
>Inside Products, Inc.
>(831) 659-8360
>www.insidethestack.com
>
>
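Added example, not part of the original thread or of thc-ipv6: a defender-side check for the router-advertisement flood discussed above, which parses ICMPv6 RA payloads and flags any time window in which an unusual number of distinct prefixes is advertised on one link. The one-second window, the threshold of 8 prefixes, the function names and the sample capture are assumptions constructed for illustration.

```python
import ipaddress
import struct
from collections import defaultdict

RA_TYPE = 134        # ICMPv6 Router Advertisement (RFC 4861)
OPT_PREFIX_INFO = 3  # Prefix Information option, always 32 bytes

def build_ra(prefix, plen=64):
    """Constructed sample data: RA payload carrying one Prefix Information option."""
    hdr = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, 1800, 0, 0)
    opt = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, plen, 0xC0, 86400, 14400, 0)
    return hdr + opt + ipaddress.IPv6Address(prefix).packed

def ra_prefixes(icmp):
    """Return the prefixes advertised in an ICMPv6 RA; [] if not a well-formed RA."""
    if len(icmp) < 16 or icmp[0] != RA_TYPE:
        return []
    found, off = [], 16                              # options follow the 16-byte RA header
    while off + 2 <= len(icmp):
        otype, olen = icmp[off], icmp[off + 1] * 8   # option length is in 8-octet units
        if olen == 0 or off + olen > len(icmp):      # zero-length or truncated option
            return []                                # treat the whole RA as invalid
        if otype == OPT_PREFIX_INFO and olen == 32 and icmp[off + 2] <= 128:
            addr = ipaddress.IPv6Address(icmp[off + 16:off + 32])
            found.append(ipaddress.IPv6Network((addr, icmp[off + 2]), strict=False))
        off += olen
    return found

def detect_ra_flood(events, window=1.0, max_prefixes=8):
    """events: iterable of (timestamp, icmp_bytes) observed on one link.
    Returns the start times of windows advertising more than max_prefixes
    distinct prefixes. Source addresses are ignored because a flood can spoof them."""
    buckets = defaultdict(set)
    for ts, icmp in events:
        buckets[int(ts // window)].update(ra_prefixes(icmp))
    return sorted(b * window for b, seen in buckets.items() if len(seen) > max_prefixes)

def sample_capture():
    """Constructed capture: one legitimate router, plus a burst of bogus RAs at t=5s."""
    normal = [(float(t), build_ra("2001:db8:1::")) for t in range(0, 10, 3)]
    burst = [(5.0 + i / 250, build_ra(f"2001:db8:{0x100 + i:x}::")) for i in range(200)]
    return sorted(normal + burst, key=lambda e: e[0])

if __name__ == "__main__":
    print("windows over threshold:", detect_ra_flood(sample_capture()))
```

Since the attack discussed here works only from the same broadcast domain, a check like this belongs on a host or monitoring port attached to the link being protected.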