IPv666: Address of the Beast

Presented at ShmooCon XV (2019), Jan. 20, 2019, 11 a.m. (60 minutes).

IPv6 comes with a slew of improvements from larger address space to self-organizing addressing to required support of multicast, but these improvements are a double-edged sword. With NAT going away, DHCP no longer being required, modern operating systems and networks supporting and preferring IPv6 over IPv4, ICMP being required for network operation, iptables not applying to IPv6, and multiple IP addresses being associated with individual interfaces, IPv666 conjures the perfect storm of fail open defaults.

Why, then, haven’t more boxes been popped via IPv6? Because 2^128 is far larger than 2^32.

In this talk we will take a practical look at how to enumerate hosts over IPv6, using statistical models to discover servers and novel IPv6 honeypotting techniques to discover clients. We’ll talk about what works and what doesn’t when it comes to finding IPv6 addresses and how we used our model and scanning techniques to start amassing a corpus of the global IPv6 address space. We’ll cover statistics about how much more exposed IPv6 hosts are over their IPv4 counterparts and how prevalent IPv6 hosts are on various hosting platforms. Lastly, we will release our scanning software (open source) and all of the data we’ve collected.


Presenters:

  • Marc Newlin
    Hey there, we’re Marc (@marcnewlin) and Chris (@_lavalamp). Two jolly hacker-types that like solving interesting problems. Hailing from Los Angeles we’ve got a bit of research experience under our collective belt and hope that you find our newest journey interesting! Our backgrounds have a mix of software engineering, penetration testing, academic and industry research, and general shenanigans.
  • Christopher Grayson
    Hey there, we’re Marc (@marcnewlin) and Chris (@_lavalamp). Two jolly hacker-types that like solving interesting problems. Hailing from Los Angeles we’ve got a bit of research experience under our collective belt and hope that you find our newest journey interesting! Our backgrounds have a mix of software engineering, penetration testing, academic and industry research, and general shenanigans.

Links:

Similar Presentations: