Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02
joel jaeggli <joelja@bogus.com> Wed, 20 November 2013 07:13 UTC
Return-Path: <joelja@bogus.com>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4671B1A1F63 for <bmwg@ietfa.amsl.com>; Tue, 19 Nov 2013 23:13:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.425
X-Spam-Level:
X-Spam-Status: No, score=-2.425 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.525] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d9H0ELSJZ9Br for <bmwg@ietfa.amsl.com>; Tue, 19 Nov 2013 23:13:47 -0800 (PST)
Received: from nagasaki.bogus.com (nagasaki.bogus.com [IPv6:2001:418:1::81]) by ietfa.amsl.com (Postfix) with ESMTP id 1084D1A1F5D for <bmwg@ietf.org>; Tue, 19 Nov 2013 23:13:47 -0800 (PST)
Received: from mb-aye.local (c-50-174-18-221.hsd1.ca.comcast.net [50.174.18.221]) (authenticated bits=0) by nagasaki.bogus.com (8.14.7/8.14.7) with ESMTP id rAK7Ddn3083314 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT); Wed, 20 Nov 2013 07:13:40 GMT (envelope-from joelja@bogus.com)
Message-ID: <528C611D.50706@bogus.com>
Date: Tue, 19 Nov 2013 23:13:33 -0800
From: joel jaeggli <joelja@bogus.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) Gecko/20100101 Thunderbird/25.0
MIME-Version: 1.0
To: Bill Cerveny <bmwg@wjcerveny.com>, Nalini Elkins <nalini.elkins@insidethestack.com>
References: <F1312FAF1A1E624DA0972D1C9A91379A1BFB90E4B9@njfpsrvexg7.research.att.com> <C74F6918-8C94-4B09-A695-CCDEC1A94410@aerohive.com> <3064858D-D0EC-4A9B-9823-8989BEBA1790@aerohive.com> <1384437034.1733.YahooMailNeo@web2805.biz.mail.ne1.yahoo.com> <D02299C4-DB7F-465E-8882-9A5D1168D63E@wjcerveny.com>
In-Reply-To: <D02299C4-DB7F-465E-8882-9A5D1168D63E@wjcerveny.com>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="g0OiWGjIw6UuOxTCF2q5tmhVwWhbbAR30"
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.4.3 (nagasaki.bogus.com [147.28.0.81]); Wed, 20 Nov 2013 07:13:40 +0000 (UTC)
Cc: "bmwg@ietf.org" <bmwg@ietf.org>
Subject: Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/bmwg/>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2013 07:13:49 -0000
On 11/18/13, 4:33 AM, Bill Cerveny wrote: > Hi Nalini, > > See comments below: > > On Nov 14, 2013, at 8:50 AM, Nalini Elkins > <nalini.elkins@insidethestack.com > <mailto:nalini.elkins@insidethestack.com>> wrote: > >> Bill, >> >> As I commented at the BMWG meeting, IMHO a few things would be quite >> valuable to benchmark for IPv6. I do not know if these are in scope >> of the charter. We can certainly discuss further, if desired. >> >> 1. The impact of extension headers on performance >> There has been quite a bit of discussion in v6ops and 6man about >> "long" extension headers and ASIC size. That is, if the header gets >> too big, then it is routed slowly. I, for one, would like to see >> some kind of formal discussion and benchmarking of this. > > See http://tools.ietf.org/html/rfc5180#section-5.3, "IPv6 Benchmarking > Methodology", section "Traffic with Extension Headers". There may be > value in a more in-depth discussion and benchmarking of extension > headers and its impact on routers / intermediate nodes. It's a probably mistaken generalization to assume there's a recourse to a "slow path". In many platforms it's perfectly reasonable to expect fast-path or no-path. >> >> 2. Router advertisements: >> Much "bad" stuff can be done with Router Advertisements. See >> UTube video: http://www.youtube.com/watch?v=TfsfNWHCKK0 >> I believe he got this from : https://www.thc.org/thc-ipv6/ which >> also has: > > This was an interesting attack. I had replicated the behavior described > in the YouTube video with Windows 7 and Windows 8 in VMs using > flood_router6 in Nov. 2012. Sam Bowne had done a bit of research on this > issue, including characterizing the behavior on multiple systems as well > as confirming that Microsoft had mostly fixed the problem with patches > in 2013. > > A distinction with the flood_router6 Windows attack is that it didn't > attack routers (intermediate nodes), as far as I know, and the attack > could "only" be launched from the same "broadcast domain." > > Bill >> - parasite6: icmp neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same >> as ARP mitm (and parasite) >> - alive6: an effective alive scanng, which will detect all systems listening to this address >> - dnsdict6: parallized dns ipv6 dictionary bruteforcer >> - fake_router6: announce yourself as a router on the network, with the highest priority >> - redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer >> - toobig6: mtu decreaser with the same intelligence as redir6 >> - detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc. >> - dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS). >> - trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN >> - flood_router6: flood a target with random router advertisements >> - flood_advertise6: flood a target with random neighbor advertisements >> - exploit6: known ipv6 vulnerabilities to test against a target >> - denial6: a collection of denial-of-service tests againsts a target >> - fuzz_ip6: fuzzer for ipv6 >> - implementation6: performs various implementation checks on ipv6 >> - implementation6d: listen daemon for implementation6 to check behind a fw >> - fake_mld6: announce yourself in a multicast group of your choice on the net >> - fake_mld26: same but for MLDv2 >> - fake_mldrouter6: fake MLD router messages >> - fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication >> - fake_advertiser6: announce yourself on the network >> - smurf6: local smurfer >> - rsmurf6: remote smurfer, known to work only against linux at the moment >> - sendpees6: a tool by willdamn(ad)gmail.com <http://gmail.com>, which generates a neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice. >> - thcping6: sends a hand crafted ping6 packet >> >> >> Thanks, >> >> Nalini Elkins >> Inside Products, Inc. >> (831) 659-8360 >> www.insidethestack.com <http://www.insidethestack.com> >> >> >> _______________________________________________ >> bmwg mailing list >> bmwg@ietf.org <mailto:bmwg@ietf.org> >> https://www.ietf.org/mailman/listinfo/bmwg > > > > _______________________________________________ > bmwg mailing list > bmwg@ietf.org > https://www.ietf.org/mailman/listinfo/bmwg >
- [bmwg] Draft Minutes for IETF-86 MORTON JR., ALFRED C (AL)
- Re: [bmwg] Draft Minutes for IETF-86 Sangjin Jeong
- Re: [bmwg] Draft Minutes for IETF-86 MORTON JR., ALFRED C (AL)
- [bmwg] Draft Minutes for IETF-87 Sarah Banks
- [bmwg] Draft Minutes for IETF-88 Sarah Banks
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Nalini Elkins
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Bill Cerveny
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Nalini Elkins
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Bill Cerveny
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Nalini Elkins
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 joel jaeggli