1answer.
Ask question
Login Signup
Ask question
All categories
  • English
  • Mathematics
  • Social Studies
  • Business
  • History
  • Health
  • Geography
  • Biology
  • Physics
  • Chemistry
  • Computers and Technology
  • Arts
  • World Languages
  • Spanish
  • French
  • German
  • Advanced Placement (AP)
  • SAT
  • Medicine
  • Law
  • Engineering
Sunny_sXe [5.5K]
3 years ago
9

You are asked to check your company’s configurations to determine if any filters should be built to stop certain ICMPv6 traffic.

Your supervisor asks for a list of ICMPv6 traffic or issues that are of concern and the reasons why such concerns could be a problem. Build a list for your supervisor. Include packet types or specific circumstances in which ICMPv6 traffic could compromise network security.
Computers and Technology
1 answer:
DedPeter [7]3 years ago
8 0

ICMPv6 is used by IPv6 nodes to report errors encountered in processing packets, and to perform other internet-layer functions, such as diagnostics.  An Internet Control Message Protocol (ICMP) flood attack, also known as a Ping flood attack, is a common Denial-of-Service (DoS) attack in which an attacker attempts to overwhelm a targeted device with ICMP echo-requests.

Explanation:

Issues that are of concern which could be a problem include :

Denial-of-Service Attacks  

  • ICMPv6 can be used to cause a denial of service (DoS) in a number of  ways, including simply sending excessive numbers of ICMPv6 packets to destinations in the site and sending error messages that disrupt  established communications by causing sessions to be dropped.

Probing

  • A major security consideration is preventing attackers from probing  the site to determine the topology and identify hosts that might be vulnerable to attack.  Carefully crafted but, often, malformed  messages can be used to provoke ICMPv6 responses from hosts thereby  informing attackers of potential targets for future attacks.  However, the very large address space of IPv6 makes probing a less effective weapon as compared with IPv4 . Redirection Attacks

Redirection Attacks

  • A redirection attack could be used by a malicious sender to perform  man-in-the-middle attacks or divert packets either to a malicious  monitor or to cause DoS by blackholing the packets.  These attacks would normally have to be carried out locally on a link using the Redirect message.  Administrators need to decide if the improvement  in efficiency from using Redirect messages is worth the risk of  malicious use.  Factors to consider include the physical security of   the link and the complexity of addressing on the link

Renumbering Attacks

  • Spurious Renumbering messages can lead to the disruption of a site.  Although Renumbering messages are required to be authenticated with  IPsec, so that it is difficult to carry out such attacks in practice,  they should not be allowed through a site boundary firewall.  On the  other hand, a site may employ multiple "layers" of firewalls.

Problems Resulting from ICMPv6 Transparency

  • Because some ICMPv6 error packets need to be passed through a  firewall in both directions, malicious users can potentially use  these messages to communicate between inside and outside, bypassing  administrative inspection.

Packet types or specific circumstances in which ICMPv6 traffic could compromise network security :

Ping sweep — A type of attack that uses ICMP echo request messages to enumerate live hosts on a network.

Ping flood — Utilized to launch a denial of service attack (DoS), where the attacker sends ICMP requests in a rapid succession without waiting for the targeted system to respond.

ICMP tunneling — A method used to establish a covert communication channel between remote systems, most times between a client and a proxy. All communications are sent via ICMP requests and replies

Forged ICMP redirects —  The attacker would send a ICMP redirect message, which informs a host of a direct path to a destination, to the victim that contains the IP addresses of the attacker’s system. This allows an attacker to compromise network traffic via a man-in-the-middle attack or cause a DoS.

You might be interested in
If I write too much for an exam answer, do I get downgraded?
Degger [83]

Answer:

I don't think so

Explanation:

4 0
3 years ago
Drag the tiles to the correct boxes to complete the pairs.
Gala2k [10]

Answer:

So the first one i think is A. The second is 2, and that i do know

Explanation:

6 0
3 years ago
Word processing programs have different view options that you can use depending on the tasks you’re performing. Which option hel
gizmo_the_mogwai [7]
Preview, in MS word. It goes for print or publishing, whatever you desire.
7 0
3 years ago
Public static void prefixmerge(customer[] list1, customer[] list2, customer[] result {
White raven [17]
I can't get what do you need, but I guess it's a part of java code. I can explain what it means. It's used to unite two rising sorted arrays which are list1 and list2. The result is stored in result array. I suggest you to clearly explain your task as it's difficult to give you correct answer.
8 0
3 years ago
In Microsoft Word, when you highlight existing text you want to replace, you're in 
umka2103 [35]

Answer:

i honestly believe that its type over mode, hope it helps

Explanation:

6 0
3 years ago
Other questions:
  • How do media and networks interact
    11·1 answer
  • Joshua takes ownership of all his tasks. Which quality is he demonstrating?
    9·2 answers
  • Webster defines risk as "the possibility of loss or injury". Therefore, driving a motor vehicle is a risk.
    12·1 answer
  • You are adding new wires in your building for some new offices. The building has a false ceiling that holds the lights and provi
    8·1 answer
  • What is information technology
    11·1 answer
  • What are the three uses of a screw?​
    13·2 answers
  • private members of a class are accessible only from _____________ of the same class or from their friends
    12·1 answer
  • Question 2 of 10
    12·1 answer
  • Which of the following would most likely be the target audience for a product
    7·2 answers
  • If you select one slice of pie in a pie chart, you have selected a ____
    13·2 answers
Add answer
Login
Not registered? Fast signup
Signup
Login Signup
Ask question!