The Miredo server listens on
Interface: eth0
IPv4 addresses: 192.64.0.100 and 192.64.0.101
Install the Miredo server:
$ sudo apt-get install miredo-server
Bind the second IPv4 address to the interface:
$ sudo ip -4 addr add 192.64.0.101/24 dev eth0
In /etc/miredo-server.conf:
ServerBindAddress 192.64.0.100
"On the IPv6 side, no special setting should be needed. The server should simply have a working IPv6 connectivity. It must be allowed to emit ICMPv6 packets with source in range 2001:0::/32 and destination within 2000::/3." 1)
$ sudo /etc/init.d/miredo-server start
Link | Notes |
---|---|
Symantec paper | |
Heise article | Overview of protocol and configuration |
Miredo | Teredo implementation for Linux |
RFC 4380 - Teredo | RFC standard |
Teredo overview (Microsoft) | |
Teredo troubleshooting (Microsoft) | |
http://www.hoggnet.com/Presentations/Microsoft%20IPv6-2007-09-17.pdf
http://yorickdowne.wordpress.com/2008/01/26/ipv6-at-home-part-1-overview-teredo/
http://msdn.microsoft.com/en-us/library/bb968771(VS.85).aspx
http://msdn.microsoft.com/en-us/library/bb190948(v=VS.85).aspx
http://www.brandontek.com/?p=100 - Clear presentation of the address structure
The first 2 bytes after the UDP header have the value 00 01.
After a further 8 bytes of 'Origin Indication Header' the IPv6 packet follows, recognizable by the bit pattern of the Type field (byte_test:1,&,96,0).
policy.rules:alert udp $HOME_NET any -> $EXTERNAL_NET 3544 (msg:"POLICY Outbound Teredo traffic detected"; flow:to_server; content:" |01|"; depth:2; offset:8; byte_test:1,&,96,0; reference:cve,2007-3038; reference:url,www.microsoft.com/technet/security/Bulletin/MS07-038.mspx; classtype:policy-violation; sid:12065; rev:2;)
policy.rules:alert udp $EXTERNAL_NET 3544 -> $HOME_NET any (msg:"POLICY Inbound Teredo traffic detected"; flow:to_server; content:" |01|"; depth:2; offset:8; byte_test:1,&,96,0; reference:cve,2007-3038; reference:url,www.microsoft.com/technet/security/Bulletin/MS07-038.mspx; classtype:policy-violation; sid:12066; rev:3;)
policy.rules:alert udp $EXTERNAL_NET 3544 -> $HOME_NET any (msg:"POLICY Inbound Teredo traffic detected"; flow:to_server; content:"?|FE 83 1F|"; depth:4; offset:8; byte_test:1,&,96,0; reference:cve,2007-3038; reference:url,www.microsoft.com/technet/security/Bulletin/MS07-038.mspx; classtype:policy-violation; sid:12068; rev:2;)
policy.rules:alert udp $HOME_NET any -> $EXTERNAL_NET 3544 (msg:"POLICY Outbound Teredo traffic detected"; flow:to_server; content:"?|FE 83 1F|"; depth:4; offset:8; byte_test:1,&,96,0; reference:cve,2007-3038; reference:url,www.microsoft.com/technet/security/Bulletin/MS07-038.mspx; classtype:policy-violation; sid:12067; rev:2;)
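The payload options of the four rules above, re-implemented as an added example (not part of the original wiki page and not Snort code) so that they can be run against constructed UDP payloads. The names rule_match, ipv6_packet and classify_samples and all sample addresses are assumptions made for illustration; only content/offset/depth and byte_test are modelled, not ports or flow direction.

```python
import ipaddress
import struct

# content patterns from the rules above; inside a Snort content string a
# literal space is byte 0x20 and "?" is byte 0x3F
PATTERNS = {
    bytes([0x20, 0x01]): "sid 12065/12066",
    bytes([0x3F, 0xFE, 0x83, 0x1F]): "sid 12067/12068",
}

def rule_match(payload: bytes):
    """Return the sid pair whose payload options match, else None."""
    # byte_test:1,&,96,0 -> byte at payload offset 0 ANDed with 96 is non-zero
    if not payload or payload[0] & 96 == 0:
        return None
    for pattern, sids in PATTERNS.items():
        # offset:8 plus depth:len(pattern) pins the pattern to payload offset 8
        if payload[8:8 + len(pattern)] == pattern:
            return sids
    return None

def ipv6_packet(src: str, dst: str) -> bytes:
    """Constructed sample: bare 40-byte IPv6 header without upper-layer data."""
    fixed = struct.pack("!IHBB", 6 << 28, 0, 59, 64)  # version 6, next header 59
    return fixed + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed

# Constructed UDP payloads, not captured traffic.
SAMPLES = {
    "teredo_src": ipv6_packet("2001:0:c040:64::1", "2001:db8::2"),
    "old_prefix_src": ipv6_packet("3ffe:831f:c040:64::1", "2001:db8::2"),
    "other_2001_src": ipv6_packet("2001:db8::1", "2001:db8::2"),
    "link_local_src": ipv6_packet("fe80::1", "ff02::2"),
    # 8 bytes starting 00 00 in front of the IPv6 packet
    "origin_ind_first": bytes(8) + ipv6_packet("2001:0:c040:64::1", "2001:db8::2"),
    "not_ipv6": b"\x12\x34\x01\x00" + bytes(20),
}

def classify_samples():
    """Run every constructed payload through rule_match."""
    return {name: rule_match(data) for name, data in SAMPLES.items()}

if __name__ == "__main__":
    for name, hit in classify_samples().items():
        print(f"{name:18} -> {hit}")
```

The 2-byte pattern also fires on a non-Teredo source such as 2001:db8::1, and a payload that carries 8 bytes starting with 00 00 in front of the IPv6 packet is not matched because byte 0 then fails the byte_test.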