DNS Service Discovery - Summary of Basic Functionalities
This white paper is a selective extract of the DNS-SD RFC 6763, aiming at providing summary of the basic functionalities of this protocol. It was used as a basis for my ongoing DNS-SD research, and it is uploaded for conveniences purposes for the community.
DNS-SD review.pdf
Adobe Acrobat Document 68.0 KB
Mutlticast DNS (mDNS) Summary of Basic Functionalities
This white paper is a selective extract of the mDNS IETF RFC 6762 aiming at providing summary of the basic functionalities of this protocol. It was used as a basis for my ongoing mDNS research, and it is uploaded for conveniences purposes for the community.
mDNS review.pdf
Adobe Acrobat Document 72.7 KB
IPv6 Router Advertisement Flags, RDNSS and DHCPv6 Conflicting Configurations: Operational & Security Implications
IPv6 defines several mechanisms for host configuration regarding addresses and DNS information, using Router Advertisements and DHCPv6. This is really good from a flexibility perspective, but, what will happen if there is contradictory configuration information provided by either one source or from more than one source? What if, for instance, the M-flag is set and a prefix information is also advertised with the A flag set? What if RDNSS information is provided from both RAs and a DHCPv6 server? Do hosts follow the aforementioned recommendation? And, what if the contradictory information is provided by RAs sent by two different routers? In all these cases, are there any operational implications, or even worse, can an attacker take advantage of such cases in order to launch (potentially very subtle) attacks?
This white paper examines some interesting cases and attempts to give an indication on what to accept (or not).
IPv6_RAs_RDNSS_DHCPv6_Conflicting_Parame
Adobe Acrobat Document 394.4 KB
Penetration Testing Tools that (do not) Support IPv6
This white paper presents the results of an extensive testing of penetration testing tools regarding their IPv6 support (at the time of its writing, of course), plus some workarounds.
PenTesting_Tools_that_Support_IPv6_v.1.1
Adobe Acrobat Document 3.3 MB
IPv6 Hardening guide for Linux servers
IPv6_Hardening_Guide_Linux_Servers_v1_0.
Adobe Acrobat Document 398.8 KB
IPv6 Hardening guide for Windows Servers
IPv6_Hardening_Guide_Windows_Servers_v1_
Adobe Acrobat Document 653.7 KB
IPv6 Hardening guide for MacOS-X
IPv6_Hardening_Guide_MacOS-X_v1_0.pdf
Adobe Acrobat Document 434.5 KB