I. INTRODUCTION
Handling threats due to Internet Protocol version 6 (IPv6)
deployment become an important issue to be discovered [1],
[2], [3], [4]. Since enterprises need to deploy IPv6 sooner or
later, they must also consider about the security issues related
to IPv6 deployment. Therefore, we need to run a testing of
several attacks which related to the IPv6 deployment in order
to create an appropriate set of security policy that can be
implemented and enforced in the host firewall and also the
perimeter firewall.
This paper focuses on attacks testing setup using Graphical
Network Simulator 3 (GNS3) simulation software [5]. The
GNS3 supports any testbed simulation using Cisco routers.
The testbed simulation focuses on testing several attacks
which related to the Internet Control Message Protocol for
IPv6 (ICMPv6) [6]. Attacking activities have been conducted
using THC IPv6 Toolkits [7] and Scapy [8] in order to test on
IPv6 attacks. The documentation of ip6tables in RFC 4890 has
been considered in our testing simulation. However, some
464
465
R1#sh run
Building configuration...
!
ipv6 unicast-routing
!
interface FastEthernet0/0
ip
address
192.168.32.2
255.255.255.0
duplex auto
speed auto
ipv6
address
2607:F0D0:1002:52::2/64
ipv6 enable
!
interface FastEthernet0/1
ip
address
192.168.33.3
255.255.255.0
duplex auto
speed auto
ipv6
address
2607:F0D0:1002:53::3/64
ipv6 enable
!
End
466
T ABLE I.
No.
Time
Source
Destination
Protocol
Info
0.000000
c4:01:0a:74:00:01
c4:01:0a:74:00:01
LOOP
Reply
3.933787
2607:f0d0:1002:52:230:18ff:fea3:7559
2607:f0d0:1002:53:a00:27ff:fe96:b186
TCP
3.933804
2607:f0d0:1002:53:a00:27ff:fe96:b186
2607:f0d0:1002:52:230:18ff:fea3:7559
TCP
4.135994
2607:f0d0:1002:52:230:18ff:fea3:7559
2607:f0d0:1002:53:a00:27ff:fe96:b186
TCP
4.136011
2607:f0d0:1002:53:a00:27ff:fe96:b186
2607:f0d0:1002:52:230:18ff:fea3:7559
TCP
4.209749
2607:f0d0:1002:52:230:18ff:fea3:7559
2607:f0d0:1002:53:a00:27ff:fe96:b186
HTTP
4.209755
2607:f0d0:1002:53:a00:27ff:fe96:b186
2607:f0d0:1002:52:230:18ff:fea3:7559
TCP
T ABLE II.
No.
1
Time
Source
Destination
Protocol
Info
0.00000
0
2.85805
7
7.87003
9
c4:01:0a:74:00:01
c4:01:0a:74:00:01
LOOP
Reply
2607:f0d0:1002:52:230:18ff:fea3:7
559
fe80::c601:aff:fe74:1
2607:f0d0:1002:53:a00:27ff:fe96:
b186
2607:f0d0:1002:53:a00:27ff:fe96:
b186
TCP
7.87006
4
2607:f0d0:1002:53:a00:27ff:fe96:b
186
fe80::c601:aff:fe74:1
ICMPv6
10.0072
76
c4:01:0a:74:00:01
c4:01:0a:74:00:01
LOOP
2
3
ICMPv6
467
T ABLE III.
No.
1
2
3
4
5
Time
Source
Destination
0.0000
00
0.0000
29
2.5597
02
2.5597
25
2.6295
53
2607:f0d0:1002:52:230:18ff:fea3:
7559
2607:f0d0:1002:53:a00:27ff:fe96:
b186
2607:f0d0:1002:52:230:18ff:fea3:
7559
2607:f0d0:1002:53:a00:27ff:fe96:
b186
c4:02:05:08:00:01
2607:f0d0:1002:53:a00:27ff:fe96:
b186
2607:f0d0:1002:52:230:18ff:fea3:
7559
2607:f0d0:1002:53:a00:27ff:fe96:
b186
2607:f0d0:1002:52:230:18ff:fea3:
7559
c4:02:05:08:00:01
T ABLE IV.
No.
1
LOOP
Destination
c4:02:05:08:00:01
Protocol
LOOP
2607:f0d0:1002:52:230:18ff:fea
3:7559
2607:f0d0:1002:53:a00:27ff:fe96
:b186
IPv6
1.6065
23
2607:f0d0:1002:53:a00:27ff:fe9
6:b186
2607:f0d0:1002:52:230:18ff:fea3
:7559
ICMPv6
6.6037
58
fe80::a00:27ff:fe96:b186
fe80::c602:5ff:fe08:1
ICMPv6
6.6190
23
6.6218
43
fe80::c602:5ff:fe08:1
fe80::a00:27ff:fe96:b186
ICMPv6
fe80::c602:5ff:fe08:1
2607:f0d0:1002:53:a00:27ff:fe96
:b186
ICMPv6
V. CONCLUSION
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
REFERENCES
[4]
ICMPv6
[3]
IPv6
Source
c4:02:05:08:00:01
[2]
ICMPv6
Info
IPv6 fragment (nxt=TCP (0x06) off=800
id=0x2)
Parameter Problem (erroneous header field
encountered)
IPv6 fragment (nxt=TCP (0x06) off=800
id=0x2)
Parameter Problem (erroneous header field
encountered)
Reply
Time
0.0000
00
1.6064
98
[1]
Protocol
IPv6
[14]
[15]
[16]
468
Info
Reply
[17]
[19]
469