5. Attacks on the ND protocol

There are 2 categories of vulnerabilities for the NDP mechanism:

The first category concerns attacks external to the network link where potential victims are located;
The second category is based on attacks inside the network link.

5.1 External attacks

When a router receives an IPv6 packet destined for a node on this subnet, according to the NDP specifications, it must check whether it already has the information concerning the recipient of this IPv6 packet in its Neighbor Cache, so that it can forward it. If this is not the case, it stores the IPv6 packet and applies the ND procedure (§

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Security of information systems

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
Attacks on the ND protocol

Previous
page IPv6 address auto-configuration

ND protocol palliative protection solutions

Bibliography

(1) - DEERING (S.), HINDEN (R.) - Internet protocol, version 6 (IPv6) specification. - RFC 2460, Internet Engineering Task Force, déc. 1998.
(2) - HINDEN (R.), DEERING (S.) - IP version 6 addressing architecture. - RFC 4291, Internet...