Saturday, April 20, 2024
Latest:
Computer NetworksNETWORKS

Aruba AOS-CX 10.5 IPv6 RA Guard – Discussion, Config and Testing

Alice AUSTIN



Techniques to circumvent IPv6 RA Guard are well known and now AOS-CX, as of 10.5, offers this feature, I thought I would try my hand at exploiting those attack vectors.
In this video:
👉 I give a general overview of Router Advertisements, RA Guard and discuss those vectors.
👉 Run through the AOS-CX configuration.
👉 Craft some roguish packets with Chiron & view them with Wireshark.
👉 Put AOS-CX under test.

Timestamps:
00:00 Intro
04:30 RA Guard test network
07:30 RA Guard attack vectors
11:55 Testing RA Guard with Chiron
13:55 Updated test details
14:40 AOS-CX RA Guard configuration
20:05 Wireshark, Chiron & crafting packets
28:54 RA Guard Test
31:30 Wrap-up

Chiron:
https://github.com/aatlasis/Chiron

RFC quoted:
https://tools.ietf.org/html/rfc7113

RA Guard testing:

Testing RFC 6980 Implementations with Chiron


https://static.ernw.de/whitepaper/ERNW_Whitepaper62_RA_Guard_Evasion_Revisited_v1.0.signed.pdf

Recent document discussing Extension Headers (July 2020):
https://tools.ietf.org/html/draft-gont-v6ops-ipv6-ehs-packet-drops-04

twitter:

source
ipv6

Alice AUSTIN

Alice AUSTIN is studying Cisco Systems Engineering. He has passion with both hardware and software and writes articles and reviews for many IT websites.

You May Also Like

Why IP Address Is Important | IP Address | IP Address Explained | Internet Protocol (IP)

Alice AUSTIN

IP address CCNA #cisco #ccna #network #routing #osimodel #technology

Alice AUSTIN

BlackVue DR750-2CH LTE First Look | 4G LTE-Integrated | BlackboxMyCar

Leave a Reply

Your email address will not be published. Required fields are marked *