Rafiee, Hosnieh; Mueller, Christoph; Niemeier, Lukas; Streek, Jannik; Sterz, Christoph; Meinel, Christoph
Proceedings of The 6th International Conference on Security of Information and Networks (SIN 2013)
Security has recently become a very important concern for entities using IPv6 networks. This is especially true with the recent news reports where governments and companies have admitted to credible cyber attacks against them in which con�dential information and the security of data have been compromised. In this paper we will introduce a flexible framework that can be used for penetration testing of IPv6 networks. Due to the large address space in each of the IPv6 subnets, the traditional scanning approaches do not work. Here we introduce our new scanning algorithm which will �nd the IPv6 nodes on the Internet which are using Domain Name System (DNS) servers. Our implementation results showed that the use of the DNS Security Extension (DNSSEC) with NSEC3 , which is a new and promising approach for the prevention of zone walking, was not able to prevent us from gathering information about nodes on different networks.