Denial of Service Attack through IPv6 Router Advertisement Vulnerability
Local area networks sporting the IPv6 protocol were deemed vulnerable through a recent Router Advertisement vulnerability that crashes everything from Windows operating systems, to Macs, various Linux distributions, PS3`s and Xbox consoles.
The new attack from Marc Heuse works by sending Router Advertisement packets and forcing operating systems to create IPv6 addresses in response to every packet it receives. By flooding the network with enough RA`s, Windows machines will consumes more CPU time as the Stateless Auto Configuration process tries to configure the addresses.
“Suppose someone writes this into a malicious Web attack, so everyone who views a malicious Web page instantly kills all the machines on their LAN,” writes Sam Bowne, Ethical Hacking instructor at City College San Francisco.
Although this type of attack has been previously demonstrated by using RA packets with ICMPv6 options like MTU (maximum transmission unit), prefix information, and source link-layer address, the new attack adds 18 prefix information sections and 17 route information sections.
“This is extremely dangerous! A single device can instantly stop all the Windows machines on a Local Area Network,” said Bowne. “In my tests, my Windows 7 virtual machine freezes totally and the only way to revive it is shutting the power off–an abnormal shutdown.”
Solutions such as disabling IPv6, turning off router discovery or using a firewall to turn off Router Advertisements could be implemented by end-users until a fix is released.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
FOLLOW US ON
You might also like
August 02, 2021
July 30, 2021