Digital Library

cab1

 
Title:      IPV6 NEIGHBOR DISCOVERY PROTOCOL: A SECURITY CASE STUDY*
Author(s):      Emilia Rosti , Julian Rrushi
ISBN:      972-99353-6-X
Editors:      Nuno Guimarães and Pedro Isaías
Year:      2005
Edition:      1
Keywords:      IPv6, network security, experimental evaluation, neighbor discovery protocol.
Type:      Full Paper
First Page:      313
Last Page:      320
Language:      English
Cover:      cover          
Full Contents:      click to dowload Download
Paper Abstract:      In this paper we present an experimental study of the security issues of the Neighbor Discovery protocol in an IPv6 native network. The Neighbor Discovery protocol allows a device on a network to gather information about the current network configuration parameters from the other devices already on the network and to auto-configure its network interface based on the information thus gathered. Since such a protocol operates without any security feature, as its trust model assumes a fully trustworthy network. As such, it is vulnerable to any attack that distributes bogus information. We have developed FRAG, a tool that allows a user to build router advertisement messages with arbitrary parameter values, in order to launch specific attacks. The attacks we describe in this paper have been conducted in a lab setting reproducing a wide area network. Our work shows how a router can be mislead into changing even statically configured parameters, if it accepts router advertisements from other routers. The consequences of such changes range from isolating the victim machine from network traffic, to a complete denial of service.
   

Social Media Links

Search

Login