[LAC-TF] [LACNIC/Seguridad] Fwd: IPv6 Address Analysis - Privacy In, Transition Out

GGL guillermoguzmanl at gmail.com
Tue May 21 11:46:50 BRT 2013


Estimados Señores(as)

Estoy realizando un trabajo de implementación IPv6, en la Universidad en la
cual laboro.
Necesito saber si conocen de algún site, que contengan tablas de cuales IOS
de cisco
soporten IPv6, asi también para las diferentes plataformas operativas
WindowsXP y
distribuciones de Linux

Gracias a todos.



2013/5/17 Arturo Servin <aservin at lacnic.net>

>
>         Muy interesante artículo de Internet Society, gracias por
> compartir.
>
>         Y que bien que usaron tu trabajo para generar algunos resultados,
> felicidades!
>
> Slds
> as
>
> On 17 May 2013, at 00:10, Fernando Gont wrote:
>
> > FYI.
> >
> > Fuente:
> > <
> http://www.internetsociety.org/blog/2013/05/ipv6-address-analysis-privacy-transition-out
> >
> >
> > ---- cut here ----
> > IPv6 Address Analysis - Privacy In, Transition Out
> > Mat Ford
> >
> > IPv6 addresses come in a variety of forms. Examining the bit-patterns of
> > an IPv6 address can tell us, or give a strong indication, about the way
> > that it was generated. In early work on the subject, Dave Malone
> > explains, "IPv6 addresses are longer than IPv4 addresses, and are so
> > capable of greater expression. Given an IPv6 address, conventions and
> > standards allow us to draw conclusions about how IPv6 is being used on
> > the node with that address."
> >
> > At the recent Internet Engineering Protocol Group (IEPG) meeting in
> > Orlando, Florida, Fernando Gont presented his work on Scanning the IPv6
> > Internet: theory & practice. The much larger address space of IPv6 makes
> > crude brute-force network scans unfeasible. In his presentation Fernando
> > talked about the ways in which IPv6 changes the network reconnaissance
> > game because of this and he also presented the IPv6 Toolkit suite of
> > IPv6 security and troubleshooting tools that he has developed.
> >
> > Gont has built on Malone's earlier work by providing a tool (address6)
> > to analyse large numbers of IPv6 addresses and classify them into
> > various categories depending on whether they appear to be
> > auto-generated, randomised privacy addresses, manually configured
> > low-byte or IPv4-based addresses and so on. These categories are
> > described in more detail in the IETF Operational Security Capabilities
> > for IP Network Infrastructure (opsec) Working Group document, "Network
> > Reconnaissance in IPv6 Networks."
> >
> > Malone's results are presented in Figure 1. As the opsec WG document
> > observes, '[Malone's] are the most comprehensive address-measurement
> > results that have so far been made publicly available', and, 'evolution
> > of IPv6 implementations, changes in the IPv6 address selection policy,
> > etc. since [Malone2008] was published might limit (or even obsolete) the
> > validity of these results.'
> >
> >
> > [Figure 1 - Results from Malone2008]
> >
> > Given some webserver logs and Gont's address6 tool it is fairly trivial
> > to explore whether the ratios of client address types have in fact
> > changed since 2008. Using the last 12 months worth of webserver logs for
> > the Internet Society's website, comprising over 50,000 unique IPv6
> > addresses, the following results were obtained.
> >
> > Less than 2% of connections used the 6to4 transition technology while
> > the remainder were native IPv6 connections, a mark of the growing
> > maturity of the IPv6 Internet. This result is mirrored in the IPv6
> > statistics produced by Google that show that the use of transition
> > technology has been declining since 2010 and now less than 1% of users
> > that access Google over IPv6 are using a transition technology. It's
> > also probably worth noting that we saw no Teredo connections in the
> period.
> >
> > Figure 2 shows a more detailed analysis of the interface identifiers in
> > the sample. This is very strikingly different to Malone's results from
> > 2008 and clearly shows the impact of changes to IPv6 implementations in
> > the intervening period. The vast majority (nearly 70%) of addresses are
> > now classified as 'Randomized', while the auto-configured addresses that
> > previously comprised 50% of the sample are now less than 8%. IPv4-based
> > addresses are still a significant proportion (nearly 14%) and the
> > manually-generated 'low-byte' addresses are just over 6%, similar to
> > Malone's result.
> >
> > [Figure 2 - IPv6 Interface ID analysis]
> >
> > These measurement results update the public understanding of IPv6
> > address types in use today and show us that randomized interface
> > identifiers are far more prevalent than they used to be. It is also
> > notable that transition technologies (Teredo and 6to4) are either
> > non-existent or very little used on the IPv6 Internet of 2013.
> >
> > Acknowledgements: Thanks to Peter Godwin at the Internet Society for
> > providing access to the webserver logs necessary for this analysis.
> > ---- cut here ----
> >
> > Saludos,
> > --
> > Fernando Gont
> > SI6 Networks
> > e-mail: fgont at si6networks.com
> > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
> >
> >
> >
> >
> > _______________________________________________
> > Seguridad mailing list
> > Seguridad at lacnic.net
> > https://mail.lacnic.net/mailman/listinfo/seguridad
>
> _______________________________________________
> LACTF mailing list
> lactf at lac.ipv6tf.org
> https://mail.lacnic.net/mailman/listinfo/lactf
>



-- 
 “Aquellos que están en guerra con otros, no están en paz con ellos
mismos.”   William Harvey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.lacnic.net/pipermail/lactf/attachments/20130521/0157a2be/attachment.html>


More information about the LACTF mailing list