Attack methods of IPv6 Networks

Security issues on the Internet have always been a key issue we are emphasizing. At present, many people have already begun to use the IPv6 network, but because it is in the initial stage, there are still many security risks. Now let's take a look at all the security issues.

Both IPv4 and IPv6 require DNS. the DNS server in IPv6 is a key host that is easy to be viewed by hackers. That is to say, although it is impossible to conduct system network reconnaissance on the entire network, there are always several hosts in each IPv6 network that everyone knows the network name, these Hosts can also be attacked.

In addition, because the IPv6 address space is too large, many IPv6 networks will use dynamic DNS services. If attackers can take over the Dynamic DNS server, they can obtain a large number of online IPv6 host addresses.

Because the IPv6 address is 128 bits, it is not easy to remember. The network administrator may often use the note IPv6 address. These note IPv6 addresses may be edited into something similar to the dictionary, it is less likely to find an IPv6 host, but it is more likely to guess the IPv6 host.

Because IPv6 and IPv4 have to coexist for a long time, many network administrators will put IPv4 addresses in the last 32 bits of IPv6 addresses, hackers may also follow this method to guess the possible online IPv6 address.

Therefore, special attention must be paid to the security of key hosts. Otherwise, hackers will start from here to access the entire network. Therefore, when assigning an IPv6 address to the host, the network administrator should not use a memorable address, or try to randomize the IPv6 address in the network, this will greatly reduce the chances of these hosts being discovered by hackers.

The following network attack technologies exist in both IPv4 and IPv6 networks, which need to be taken seriously:

Message listening:

Although IPv6 provides the most IPSEC packet protection tool, it is still possible to peek at IPv6 packets without configuring IPsec due to public keys and keys;

Application Layer Attacks:

Obviously, any attacks against the application layer, such as WEB servers and database servers, will still be effective;

Man-in-the-middle attack:

Although IPv6 provides IPsec, it may still be attacked by man-in-the-middle personnel. Therefore, try to use the normal mode to exchange keys;

Flood Attack:

Whether in an IPv4 or IPv6 network, attacks that launch a large amount of network traffic to the attacked host will always exist, although in IPv6, tracing attack sources are easier than IPv4.