Re: EXPERT IPv6 network scaning

[David Fifield <david () bamsoftware com>]

On Mon, Mar 26, 2012 at 11:11:24PM +0530, niteesh kumar wrote:
> On Sun, Mar 25, 2012 at 10:56 PM, niteesh kumar <niteesh3 () gmail com> wrote:
>
> > On Fri, Mar 23, 2012 at 12:38 AM, David Fifield <david () bamsoftware com>wrote:
> >
> > > On Wed, Mar 21, 2012 at 09:15:27PM +0530, niteesh kumar wrote:
> > > > Hi,
> > > > Hi, I'm Niteesh Kumar, from India. I'm an undergraduate in, Department
> > > of
> > > > Computer Science and Engineering,Indian Institute of Technology
> > > Guwahati ,
> > > > India. I'm really interesting about networking specially security of
> > > > protocols. Specially developing IDS/IPS and network monitoring systems,
> > > > network applications and learning new technologies. I really like to get
> > > > involve  with your projects. I want to focus on expert IPv6, I have
> > > prior
> > > > experience of SoC With UMIT. M also working on developing IDS for LAN
> > > based
> > > > attacks IPv6 as a research academic project.
> > >
> > > Thanks Niteesh. It sounds as if you've got a lot of experience and I
> > > hope you submit a proposal. Please let us know if you have questions
> > > about what IPv6 jobs are needed. I think some interesting areas are
> > > local multicast host discovery (finding hosts even on a /64 LAN), remote
> > > host discovery (are there other probes like ICMPv4 timestamp request
> > > that we can use for IPv6?), and testing NSE scripts to make them
> > > IPv6-capable.
> >
> > i m currently trying resolve IPs in network using MLD probes in IPv6
> > network (local network ) . m expecting results on efficiency and
> > correctness of this mechanism in a day or two.
>
> today i checked using MLD probes and max time to response set to 0. all
> machines (in my small test bed there were 2 machines with IP belonging to
> same multicast group)  respond to specific multicast group MDL query also
> similar behavior was observed for general query . I also observed that
> sending Echo request to all node multicast address machine with linux
> (ubuntu/fedora) do respond with echo reply. this can be used to scan ip`s
> present in an IPv6  network. David i need your inputs to this, if you also
> conducted some of similar experiments and got similar or different results

I'm interested in what you were able to find using MLD probes. Can you
share the tools or commands that you used to run this test?

As for multicast echo requests, that is already implemented as a script.
There are also two other multicast techniques we support. One good
summer project would be to 1) make Nmap aware of when such techniques
can automatically be used in place of unicast probes, and 2) make it
automatically use these techniques in place of unicast probes when it
can.

http://nmap.org/nsedoc/scripts/targets-ipv6-multicast-echo.html
http://nmap.org/nsedoc/scripts/targets-ipv6-multicast-invalid-dst.html
http://nmap.org/nsedoc/scripts/targets-ipv6-multicast-slaac.html

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/