Essay: Reconnaissance attacks in IPv6 networks

Essay details:

  • Subject area(s): Information technology essays
  • Reading time: 2 minutes
  • Price: Free download
  • Published on: September 9, 2015
  • File format: Text
  • Number of pages: 2
  • Reconnaissance attacks in IPv6 networks
    0.0 rating based on 12,345 ratings
    Overall rating: 0 out of 5 based on 0 reviews.

Text preview of this essay:

This page of the essay has 500 words. Download the full version above.

2.1.1 Reconnaissance attacks in IPv6 networks
The 1st larger attack in IPv6 is usually a reconnaissance attack. An attacker try reconnaissance attacks to get some confidential information about the victim network that can be misused by the attacker in further attacks. For this he uses active methods, such as scanning techniques or data mining strategies. To start, an intruder begins to ping the victim network to determine the IP addresses currently used in the victim network. After getting some of the accessible system, he starts to scan the port to find out any open port in the desired system. The size of subnet is bigger than that of the in IPv4 networks. To perform a scan for the whole subnet an attacker should make 264 probes and that???s impossible. With this fact, IPv6 networks are much more resistant to reconnaissance attacks than IPv4 networks. Unfortunately, there are some addresses which are multicast address in IPv6 networks that help an intruder to identify and attack some resources in the target network.
2.1.2 Security threats related to IPv6 routing headers
As per IPv6 protocol specification, all of the IPv6 nodes must be able to process routing headers. In fact, routing headers can be used to avoid access controls based on destination addresses. Such action can cause security effects. It may be happen that an attacker sends a packet to a publicly accessible address with a routing header containing a ???forbidden??? address on the victim network. In such matter the publicly accessible host will forward the packet to the destination address stated in the routing header even though that destination is already filtered before as a forbidden address. By spoofing packet source addresses an intruder can easily perform denial of service attack with use of any publicly accessible host for redirecting attack packets.
2.1.3 Fragmentation related security threats
As per IPv6 protocol specification, packet fragmentation by the intermediate nodes is not permitted. Since in IPv6 network based on ICMPv6 messages, the usage of the path MTU discovery method is a duty, packet fragmentation is only allowed at the source node.1280 octets is the minimal size of the MTU for IPv6 network. The packets with size less than 1280 octets to be discarded unless it???s the last packet in the flow as per security reasons. With use of fragmentation, an attacker can get that port numbers not found in the first fragment and thus they bypass security monitoring devices expecting to find transport layer protocol data in the very first fragment. An attacker will send a huge amount of small fragments and create an overload of reconstruction buffers on the victim system which resulted to the system crash. To prevent system from such attacks it???s necessary to bound the total number of fragments and their permissible arrival rate.

About Essay Sauce

Essay Sauce is the free student essay website for college and university students. We've got thousands of real essay examples for you to use as inspiration for your own work, all free to access and download.

...(download the rest of the essay above)

About this essay:

This essay was submitted to us by a student in order to help you with your studies.

If you use part of this page in your own work, you need to provide a citation, as follows:

Essay Sauce, Reconnaissance attacks in IPv6 networks. Available from:<> [Accessed 27-05-20].

Review this essay:

Please note that the above text is only a preview of this essay.

Review Title
Review Content

Latest reviews: