.
+ I'll be doing IPv6 security training in Paris (France) next June:
https://hackinparis.com/trainings/#training-2019-hacking-ipv6-networks-v5-0-3-days
Thanks!
Cheers,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
ers will themselves be
the ones dropping their own traffic.
cut here
Is this something waiting to be exploited? Am I missing something?
Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
Folks,
FYI: https://www.rfc-editor.org/rfc/rfc7359.txt
Best regards,
Fernando Gont
Forwarded Message
Subject: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel
Traffic Leakages in Dual-Stack Hosts/Networks
Date: Tue, 26 Aug 2014 18:23:00 -0700 (PDT)
From: rfc-edi
/
***
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJT9oizAAoJEK4lDVUdTnSS9xIQAKaDyPAqxmtdzhKXOU1t3NqQ
JD4XAfXWe6FnJCpYwCfj7SQWCxYUUx
the presentation: May 4th,
2014
9th Network Security Event for Latin America and the Caribbean
(LACSEC 2014)
Chair
Fernando Gont (SI6 Networks/UTN-FRH, Argentina)
Evaluation Committee
Iván Arce (Fundación Sadosky, Argentina)
Carlos A. Ayala Rocha (Arbor Networks, Mexico)
Julio César
paths are
selected based on the value of a number of variables.
Configuration file is dynamically generated, with the right path
to the oui.txt file.
= CHANGELOG =
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25
organizers, and
Enno Rey, for the warm reception, and the great time.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
,
please check the security conferences we will be attending this year
http://www.si6networks.com/index.html#conferences.
As always, you can follow us on Twitter to get the latest news about
IPv6 security: @SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg
the
ipv6hackers mailing list:
http://www.si6networks.com/community/mailing-lists.html.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
systems across networks, even if they employ the
so-called Privacy Address (and yes, that includes Microsoft Windows
systems).
Thanks,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE
of Linux, FreeBSD,
NetBSD, OpenBSD, and Mac OS X.
Please send any bug reports and/or feature requests to
fg...@si6networks.com.
As always, you can get the latest news on IPv6 security research and
tools by following us on Twitter: @SI6Networks.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e
Implications of IPv6 Fragmentation with IPv6
Neighbor Discovery
URL:
http://www.ietf.org/internet-drafts/draft-ietf-6man-nd-extension-headers-02.txt
Thanks,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
perform an assessment of your
implementation with respect to the identified issues.
Thanks!
Best regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
--
Fernando Gont
SI6 Networks
e-mail: fg
://www.si6networks.com
And yes, you can follow us on Twitter: @SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
, slideware, videos, and other materials
about IPv6 security at our web site: http://www.si6networks.com
And yes, you can follow us on Twitter: @SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E
trainings http://www.hackingipv6networks.com/upcoming-t
Follow us on twitter: @SI6Networks
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU
://www.hackingipv6networks.com/upcoming-t, and
currently includes trainings in Ghent (Belgium), Lisbon (Portugal), and
Rio de Janeiro (Brazil).
Please follow us on Twitter to get the latest news about the IPv6
Toolkit and IPv6 security: @SI6Networks
Thanks!
Best regards,
--
Fernando Gont
SI6
...
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
on twitter: @SI6Networks
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJP8kDSAAoJEK4lDVUdTnSSm18QAJng/bbmhdOUXxZx26pf9kIr
in the article does it say anything about vast address
space... enables attacks?
The title and the article don't match.
I might agree. The title was changed pre-publication. -- My original
title was something along the lines of Host scanning in IPv6 networks.
Cheers,
--
Fernando Gont
SI6 Networks
e
, it's a human-readable version of the IETF Internet-Draft I
published a month ago or so about IPv6 host scanning (see:
http://www.si6networks.com/presentations/ietf.html))
Cheers,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55
Folks,
FWIW, the full article is available at the URL below (you don't need to
subscribe... just scroll the window down).
CHeers,
Fernando
On 06/08/2012 07:32 AM, Fernando Gont wrote:
Folks,
TechTarget has published an article I've authored for them, entitled
Analysis: Vast IPv6 address
? -- Follow us on Twitter: @SI6Networks
Thanks,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJPvIk7AAoJEK4lDVUdTnSSe3sP/AxzLHwfKyC4Yg
Report -- Carlos Ayala (Arbor Networks)
IPv6 Network Reconnaissance -- Fernando Gont (SI6 Networks)
Invited talk: RPKI: Experiences after one year of operation, and next
steps -- Carlos Martinez (LACNIC) Arturo Servin (LACNIC)
Additionally, LACSEC 2012 will feature a slot for Lightning Talks
implications of native IPv6
support and IPv6 transition/co-existence technologies on IPv4-only
networks, and describes possible mitigations for the aforementioned
issues.
cut here
Any feedback will be very welcome.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg
... but hopefully a good
starting point, and a nice reading ;-) ).
Thanks!
P.S.: Public discussion mostly welcome on the IPv6 hackers mailing-list
http://lists.si6networks.com/listinfo/ipv6hackers/, but I'd be happy
to discuss it here, too.
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg
at:
http://www.si6networks.com/presentations/index.html
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
.
cut here
Interested in IPv6 security? -- Follow us on Twitter: @SI6Networks
Interested in discussing IPv6 security topics? -- Join the ipv6hackers@
mailing-list at: http://www.si6networks.com/community/mailing-lists.html
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg
: internet-dra...@ietf.org
To: fg...@si6networks.com
A new version of I-D, draft-gont-6man-predictable-fragment-id-01.txt has
been successfully submitted by Fernando Gont and posted to the IETF
repository.
Filename:draft-gont-6man-predictable-fragment-id
Revision:01
Title
Folks,
FYI, just posted:
http://blog.si6networks.com/2012/02/ipv6-nids-evasion-and-improvements-in.html
It contains some test results regarding the implementation of RFC 5722
and draft-ietf-6man-ipv6-atomic-fragments.
Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP
Folks,
FYI, we've published a new IETF I-D entitled Security and
Interoperability Implications of Oversized IPv6 Header Chains.
The I-D is available at:
http://tools.ietf.org/id/draft-gont-6man-oversized-header-chain-00.txt
Any feedback will be very welcome.
Thanks,
--
Fernando Gont
SI6
Folks,
FYI. (the RFC is available at: http://www.rfc-editor.org/rfc/rfc6528.txt)
A new Request for Comments is now available in online RFC libraries.
RFC 6528
Title: Defending against Sequence Number Attacks
Author: F. Gont, S. Bellovin
Status:
...@ietf.org, and CC me if possible.
Thanks!
Best regards,
Fernando
Original Message
Subject: RA-Guard: Advice on the implementation (feedback requested)
Date: Wed, 01 Feb 2012 21:44:29 -0300
From: Fernando Gont fg...@si6networks.com
Organization: SI6 Networks
To: IPv6
.: The whole article is available online, and you can read it even
without registering... just scroll the web page...
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
* Deadline for proposal submission: February 15th, 2012
* Notification of acceptance: February 27th, 2012
* Deadline for submitting the final version the presentation: May 6th, 2012
7th Network Security Event for Latin America and the Caribbean
(LACSEC 2012)
Chair
Fernando Gont (SI6 Networks/UTN
, a discussion of possible
issues with SEND as a result of IPv6 fragmentation.
Any feedback will be very appreciated.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
and
employed in the IPv4 world.
Any feedback will be greatly appreciated. -- If possible, send your
feedback to: v6...@ietf.org (the relevant IETF mailing-list), and CC'me.
Follow Us on Twitter: @SI6Networks
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP
Follow Us on twitter: SI6Networks
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux
.
Any feedback will be really appreciated.
P.S.: Also, feel free to discuss the I-D on the ipv6hackers mailing-list
http://lists.si6networks.com/listinfo/ipv6hackers/
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25
,
the corresponding security implications, and formally updates RFC
2460 and RFC 5722 such that the attack vector based on atomic
fragments is completely eliminated.
cut here
Any feedback will be very appreciated.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
-lists.html.
Thanks!
Best regards,
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJOybnrAAoJEK4lDVUdTnSSL+IP/1tzwbRp/ZNpfnJMXh4/1G8g
-ipv6-networks.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
(during DEEPSEC 2011). Please check out the details at
http://www.si6networks.com/index.html#conferences.
Thanks!
- --
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
Web: www.si6networks.com | Twitter: @SI6Networks
to join the IPv6 Hackers
mailing-list: http://www.si6networks.com/community/mailing-lists.html
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http://www.si6networks.com
we will have some
discussion about that over there.
Yep... will post something right now, and see if that triggers discussion.
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http://www.si6networks.com
post, curiously enough the problem statement
(RFC6104) is about accidental RAs, while the RA-Guard spec itself aims
to be a security device.
Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
web: http://www.si6networks.com
examples.
Thanks!
Best regards,
--
Fernando Gont
Hacking IPv6 Networks Security Trainings
e-mail: fg...@hackingipv6networks.com
web: http://www.hackingipv6networks.com
be
cooperating more between each other regarding IPv6 security
Thanks,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
://www.cpni.gov.uk/Documents/Publications/2011/2011mar22-infosec-cpni_viewpoint_security_implications_of_IPv6.pdf
Best regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org PGP
Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
this and other related issues is available at
my web site: http://www.gont.com.ar
Thanks!
Best regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
* Deadline for submitting the final version the presentation: May 9th, 2011
“6th Network Security Event for Latin America and the Caribbean” (LACSEC
2011)
Chair
Fernando Gont (UTN/FRH, Argentina)
Evaluation Committee
Eduardo Carozo (Amparo Project, Uruguay)
Lorena Ferreyro (Independent
port
numbers). This memo documents an Internet Best Current Practice.
cut here
The RFC is available at: http://www.rfc-editor.org/rfc/rfc6056.txt
P.S.: Below you'll find the formal announcement sent out by the RFC Editor.
Thanks!
Best regards,
Fernando Gont
Original Message
PM, Fernando Gont fernando.g...@gmail.com wrote:
Folks,
I thought you might enjoy the slides of a talk about IPv6 security I
gave last week at LACNOG (http://www.lacnog.org). The slides are
available at:
http://www.gont.com.ar/talks/lacnog2010/fgont-lacnog2010-ipv6-security.pdf
://www.lacnog.org/en/meetings/lacnog-2010/agenda-lacnog-2010)
Thanks!
Kind regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
Hi,
I'm curious if anybody is aware of the details of the IPv6 DoS
vulnerabilities listed in the aforementioned advisory (available at:
http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml).
Thanks!
Kind regards,
Fernando
generation one).
P.S.: Related technical reports, presentations and stuff available at:
http://www.gont.com.ar
Thanks!
Kind regards,
Fernando Gont
of the Internet Protocol that I wrote for CPNI a couple of
years ago, and that is available at:
http://www.cpni.gov.uk/Docs/InternetProtocol.pdf
Any comments will be more than welcome! -- feel free to post them
here, or send them unicast to me at: ferna...@gont.com.ar
Thanks!
Kind regards,
Fernando Gont
.
Thanks!
Kind regards,
--
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello, folks,
In February this year the UK CPNI published the document Security
Assessment of the Transmission Control Protocol (TCP) (available at:
http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf)
Earlier this year we published
it to
the mailing-list, even if you are not subscribed to it. (Alternatively,
you can send me your input, and I could forward it to the t...@ietf.org
mailing-list).
Thanks!
Kind regards,
- --
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE
of the document on my personal web
site: http://www.gont.com.ar
Any comments will be more than welcome.
Kind regards,
- --
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
-BEGIN PGP SIGNATURE-
Version: GnuPG
(although your message will be held for moderator approval before
it is distributed to the list members).
The deadline for posting your opinion is January 9th (next Friday).
Thanks so much!
Kind regards,
Fernando Gont
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.5.3 (Build 5003
the identified issues get documented in an
official IETF document, and hopefully the IETF standards are modified as
necessary.
Any feedback on the IETF I-D and/or the original UK CPNI document will be
more than welcome.
Thanks!
Kind regards,
Fernando Gont
-BEGIN PGP SIGNATURE-
Version
is available at CPNI's web site:
http://www.cpni.gov.uk/Products/technicalnotes/3677.aspx
Any comments will be more than welcome.
Kind regards,
Fernando Gont
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.5.3 (Build 5003) - not licensed for commercial
use: www.pgp.com
wsBVAwUBSKSBzGl
with whatever comments we receive in the next few weeks.
Thanks,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
.
Agreed. I will try to address the issues you raised in the next
revision of the draft.
Thanks!
Kind regards,
Fernando Gont
.
Feel free to post your comments/questions on-list or privately at:
[EMAIL PROTECTED]
Thanks,
--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
68 matches
Mail list logo