IPv6 is already available on all modern operating systems and network devices. It can be used today by those seeking to bypass firewalls, steal data, consume resources or simply eavesdrop. Significant amounts of IPv6 traffic now circulate on global networks, and running IPv4 alone is no protection. IPv6 and IPv4 usually operate independently over the same infrastructure, so additional and separate IPv6 security mechanisms must be implemented. Here are some resources for system and network administrators.
IPv6 Security: Protection Measures for the Next Internet Protocol,
Scott Hogg, Eric Vyncke.
Reviews potential security issues introduced by IPv6, and today's best solutions.
The tools below are useful for system administrators to audit, test and monitor the security of their IPv6 networks. They can be used for IPv6 troubleshooting, intrusion detection and security audits – or for exploiting IPv6 vulnerabilities. They have been freely available on the Internet for a long time to anyone who wants them, including crackers, spammers, black hats, white hats, and national security services. Please be certain you have the appropriate rights and permissions to access any networks on which you use this software. IPv6Now provides these links as an educational resource and accepts no liability for their use in any way.
Security Onion is a Linux distribution for intrusion detection and network security monitoring. It is based on Ubuntu and contains numerous security tools. The Setup wizard builds an army of distributed sensors for an enterprise in minutes. Security Onion provides visibility into network traffic and context around alerts and anomalous events. It seamlessly weaves together three core functions: full packet capture, network-based and host-based intrusion detection systems, and powerful analysis tools.
Nmap (Network Mapper) is a free and open source utility for network discovery and security auditing. It uses raw IP packets to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks. Nmap runs on all major computer operating systems.
THC-IPv6 is a complete toolset to attack the inherent protocol weaknesses of IPv6 and ICMP6. Partial list of tools:
BackTrack is a Linux-based penetration testing arsenal intended for all audiences, from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools to date. Our community of users ranges from skilled penetration testers in the information security field, government entities, information technology, security enthusiasts, and individuals new to the security community. Feedback from all industries and skill levels allows us to truly develop a solution that is tailored towards everyone and far exceeds anything ever developed both commercially and freely available.
Scapy is a powerful interactive packet manipulation program for scanning and probing. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery. It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, etc.).
Qualys Website Scan checks websites for vulnerabilities, hidden malware and SSL security errors (requires registration, 10 free checks).