Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02
Bill Cerveny <bmwg@wjcerveny.com> Mon, 18 November 2013 12:33 UTC
Return-Path: <bmwg@wjcerveny.com>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B7CC11E83F9 for <bmwg@ietfa.amsl.com>; Mon, 18 Nov 2013 04:33:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.398
X-Spam-Level:
X-Spam-Status: No, score=-0.398 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_13=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8ddbOXf+duOj for <bmwg@ietfa.amsl.com>; Mon, 18 Nov 2013 04:33:50 -0800 (PST)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by ietfa.amsl.com (Postfix) with ESMTP id E896611E8402 for <bmwg@ietf.org>; Mon, 18 Nov 2013 04:33:44 -0800 (PST)
Received: from compute5.internal (compute5.nyi.mail.srv.osa [10.202.2.45]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 7AB9420194; Mon, 18 Nov 2013 07:33:43 -0500 (EST)
Received: from frontend1 ([10.202.2.160]) by compute5.internal (MEProxy); Mon, 18 Nov 2013 07:33:43 -0500
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-type:mime-version:subject:from :in-reply-to:date:cc:message-id:references:to; s=smtpout; bh=cUd c03abVgOSB0M0Gg5TqaOLB8k=; b=qviTdlGAhqnv8SO0VObHgZ5nFi8Cw0dKIib q66No/LWUfTQZsy4y2FtMeF6VcjZyDP3V8/F7fL41rr4/ggor0XDlLSC4uLrPaDz CbtO9VT6Q3Impod5R2hmSrqTkZUmOSEicAwfLzzO5CmEhnxE0LeKe+rwH3ckwsQk nZYjfTIY=
X-Sasl-enc: pP+alx7FbVjwLhfmwNdL8t1lzu5iI+6PC7jo2bW7E9GS 1384778023
Received: from [192.168.1.108] (unknown [96.35.101.227]) by mail.messagingengine.com (Postfix) with ESMTPA id D47AAC00E80; Mon, 18 Nov 2013 07:33:42 -0500 (EST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_6949DCE9-7847-4ED2-AF39-26CEB3CFD842"
Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1816\))
From: Bill Cerveny <bmwg@wjcerveny.com>
In-Reply-To: <1384437034.1733.YahooMailNeo@web2805.biz.mail.ne1.yahoo.com>
Date: Mon, 18 Nov 2013 07:33:43 -0500
Message-Id: <D02299C4-DB7F-465E-8882-9A5D1168D63E@wjcerveny.com>
References: <F1312FAF1A1E624DA0972D1C9A91379A1BFB90E4B9@njfpsrvexg7.research.att.com> <C74F6918-8C94-4B09-A695-CCDEC1A94410@aerohive.com> <3064858D-D0EC-4A9B-9823-8989BEBA1790@aerohive.com> <1384437034.1733.YahooMailNeo@web2805.biz.mail.ne1.yahoo.com>
To: Nalini Elkins <nalini.elkins@insidethestack.com>
X-Mailer: Apple Mail (2.1816)
Cc: "bmwg@ietf.org" <bmwg@ietf.org>
Subject: Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/bmwg>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Nov 2013 12:33:54 -0000
Hi Nalini, See comments below: On Nov 14, 2013, at 8:50 AM, Nalini Elkins <nalini.elkins@insidethestack.com> wrote: > Bill, > > As I commented at the BMWG meeting, IMHO a few things would be quite valuable to benchmark for IPv6. I do not know if these are in scope of the charter. We can certainly discuss further, if desired. > > 1. The impact of extension headers on performance > There has been quite a bit of discussion in v6ops and 6man about "long" extension headers and ASIC size. That is, if the header gets too big, then it is routed slowly. I, for one, would like to see some kind of formal discussion and benchmarking of this. See http://tools.ietf.org/html/rfc5180#section-5.3, "IPv6 Benchmarking Methodology", section "Traffic with Extension Headers". There may be value in a more in-depth discussion and benchmarking of extension headers and its impact on routers / intermediate nodes. > > 2. Router advertisements: > Much "bad" stuff can be done with Router Advertisements. See UTube video: http://www.youtube.com/watch?v=TfsfNWHCKK0 > I believe he got this from : https://www.thc.org/thc-ipv6/ which also has: This was an interesting attack. I had replicated the behavior described in the YouTube video with Windows 7 and Windows 8 in VMs using flood_router6 in Nov. 2012. Sam Bowne had done a bit of research on this issue, including characterizing the behavior on multiple systems as well as confirming that Microsoft had mostly fixed the problem with patches in 2013. A distinction with the flood_router6 Windows attack is that it didn't attack routers (intermediate nodes), as far as I know, and the attack could "only" be launched from the same "broadcast domain." Bill > - parasite6: icmp neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same > as ARP mitm (and parasite) > - alive6: an effective alive scanng, which will detect all systems listening to this address > - dnsdict6: parallized dns ipv6 dictionary bruteforcer > - fake_router6: announce yourself as a router on the network, with the highest priority > - redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer > - toobig6: mtu decreaser with the same intelligence as redir6 > - detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc. > - dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS). > - trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN > - flood_router6: flood a target with random router advertisements > - flood_advertise6: flood a target with random neighbor advertisements > - exploit6: known ipv6 vulnerabilities to test against a target > - denial6: a collection of denial-of-service tests againsts a target > - fuzz_ip6: fuzzer for ipv6 > - implementation6: performs various implementation checks on ipv6 > - implementation6d: listen daemon for implementation6 to check behind a fw > - fake_mld6: announce yourself in a multicast group of your choice on the net > - fake_mld26: same but for MLDv2 > - fake_mldrouter6: fake MLD router messages > - fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication > - fake_advertiser6: announce yourself on the network > - smurf6: local smurfer > - rsmurf6: remote smurfer, known to work only against linux at the moment > - sendpees6: a tool by willdamn(ad)gmail.com, which generates a neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice. > - thcping6: sends a hand crafted ping6 packet > > > Thanks, > > Nalini Elkins > Inside Products, Inc. > (831) 659-8360 > www.insidethestack.com > > > _______________________________________________ > bmwg mailing list > bmwg@ietf.org > https://www.ietf.org/mailman/listinfo/bmwg
- [bmwg] Draft Minutes for IETF-86 MORTON JR., ALFRED C (AL)
- Re: [bmwg] Draft Minutes for IETF-86 Sangjin Jeong
- Re: [bmwg] Draft Minutes for IETF-86 MORTON JR., ALFRED C (AL)
- [bmwg] Draft Minutes for IETF-87 Sarah Banks
- [bmwg] Draft Minutes for IETF-88 Sarah Banks
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Nalini Elkins
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Bill Cerveny
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Nalini Elkins
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Bill Cerveny
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 Nalini Elkins
- Re: [bmwg] draft-cerveny-bmwg-ipv6-nd-02 joel jaeggli