Fake router detection – practical experience

IPv6, Monitoring, Security, Videos @GN3 IPv6 Workshop - Networking without IPv4?

6to4 (RFC 3056) is a transition mechanism allowing users to communicate with IPv6 enabled sites and services with minimal manual configuration. Globally unique IPv4 address is the only prerequisite. Together with anycast prefix for 6to4 routers (defined in RFC 3068) provides a simple solution, how even an end site can obtain IPv6 connectivity. The mechanism is implemented in all major operation systems. The presentation is focused on problems in local area networks caused by 6to4 implementation in Windows Vista/7. Several monitoring tools are presented, unfortunately, the tools can protect a network only againts missconfigured hosts. The only proper solution is filtering malicious traffic on all access ports. However, the implementation is still not available on most networking equipment.

About the Author

Matej Gregr

http://www.fit.vutbr.cz/~igregr/ igregr@fit.vutbr.cz

PhD student at Brno University of Technology. He teaches network related courses and his research concerns IPv6 security, monitoring and deployment. He works also as a network administrator at Brno campus network and participates in the European project - G√ČAN3 Campus Best Practice.

Matej GregrFake router detection – practical experience