The Impact of IPv6 on Penetration Testing - Information and Communication Technologies
Conference Papers Year : 2012

The Impact of IPv6 on Penetration Testing

Christiaan Ottow
  • Function : Author
  • PersonId : 1010705
Frank Van Vliet
  • Function : Author
  • PersonId : 1010706
Pieter-Tjerk De Boer
  • Function : Author
  • PersonId : 1004798
Aiko Pras
  • Function : Author
  • PersonId : 994064

Abstract

In this paper we discuss the impact the use of IPv6 has on remote penetration testing of servers and web applications. Several modifications to the penetration testing process are proposed to accommodate IPv6. Among these modifications are ways of performing fragmentation attacks, host discovery and brute-force protection. We also propose new checks for IPv6-specific vulnerabilities, such as bypassing firewalls using extension headers and reaching internal hosts through available transition mechanisms.The changes to the penetration testing process proposed in this paper can be used by security companies to make their penetration testing process applicable to IPv6 targets.
Fichier principal
Vignette du fichier
978-3-642-32808-4_9_Chapter.pdf (114.47 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01543169 , version 1 (20-06-2017)

Licence

Identifiers

Cite

Christiaan Ottow, Frank Van Vliet, Pieter-Tjerk De Boer, Aiko Pras. The Impact of IPv6 on Penetration Testing. 18th European Conference on Information and Communications Technologies (EUNICE), Aug 2012, Budapest, Hungary. pp.88-99, ⟨10.1007/978-3-642-32808-4_9⟩. ⟨hal-01543169⟩
133 View
416 Download

Altmetric

Share

More