The new thc-ipv6 attack toolkit is out, with "RA Guard Evasion". You can get it here:
Two new options are now available: Fragmentation and Hop-by-hop headers. I know Hop-by-hop headers are deprecated, so I did not try them. But I tried the Fragmentation option, and this is what it does:
Is this really enough to evade Cisco's RA guard? I don't have a Cisco switch right now, but if that defeats it, it's a shame. If anyone has a switch with RA Guard handy, please try the flood_router6 attack with the -F and -H options and let me know what happens!
5-22-11 Sam Bowne