IPv6 deployment has been steadily increasing over the past couple of years. In order to enable a
safe and secure deployment of IPv6 the security impact of implementation problems requires the same
attention as in IPv4. It is therefore important to be able to correctly assess if such problems are
present, this is an activity that is usually performed through penetration tests. This report is meant
as a starting point for IPv6 penetration tests and provides an overview of possible weaknesses
and vulnerabilities that an implementation can be tested for. For every vulnerability we provide a
description of the problem, a description of the solution, and we describe how to test if the vulnerability
is present. For the latter we also provide the specific tools and their parameters. These tools are all
open source and most of them are from the THC Toolkit and Gont's IPv6 Toolkit. Scapy, a packet
generator, is also employed due to its flexibility in creating specific packets. With the information in this
report, we hope to improve the quality of penetration tests and thereby reduce the threat of abuse and
attacks with regard to IPv6.
Access full document here....https://www.tno.nl/downloads/testing_the_security_of_IPv6_implementations.pdf
safe and secure deployment of IPv6 the security impact of implementation problems requires the same
attention as in IPv4. It is therefore important to be able to correctly assess if such problems are
present, this is an activity that is usually performed through penetration tests. This report is meant
as a starting point for IPv6 penetration tests and provides an overview of possible weaknesses
and vulnerabilities that an implementation can be tested for. For every vulnerability we provide a
description of the problem, a description of the solution, and we describe how to test if the vulnerability
is present. For the latter we also provide the specific tools and their parameters. These tools are all
open source and most of them are from the THC Toolkit and Gont's IPv6 Toolkit. Scapy, a packet
generator, is also employed due to its flexibility in creating specific packets. With the information in this
report, we hope to improve the quality of penetration tests and thereby reduce the threat of abuse and
attacks with regard to IPv6.
Access full document here....https://www.tno.nl/downloads/testing_the_security_of_IPv6_implementations.pdf