mh at mh-sec
Jun 16, 2011, 12:55 AM
Post #4 of 5
this is kinda a hopeless thing. I did a quick look at this a year ago -
everything there can be misused as a covert channel.
I even implemented a tool where you can just put data into destination
extension headers with unused options (the type which are ignored if
unknown) - and it bypasses all firewalls (fw-1, cisco asa, netscreen).
its called covert_send6 and can by found in my thc-ipv6 package at
but covert channels in ipv6 are a not so important security topic. a
simple proxy will already secure you from that, and a security
infrastructure which does not have a dmz based on secure application
gateways has a weak security design anyway.
covert channels in uper level protocols that survive security gateways -
thats the important stuff. (and still easy to do)
Am 15.06.2011 14:36, schrieb Rafa Sanchez:
> Hi folks,
> I´ve recently started off a research on IPv6 covert channels.
> It would be nice if anyone of you could give me whatever kind of
> infomation regarding covert Channels in IPv6.
> Greetings and thanks in advance.
> Rafa S.
Mobil: +49 177 9611560
Fax: +49 30 37309726
Marc Heuse - IT-Security Consulting
PGP: FEDD 5B50 C087 F8DF 5CB9 876F 7FDD E533 BF4F 891A