Evading RA Guard

This is a new improvement for the IPv6 Router Advertisement DoS Attack.

The new thc-ipv6 attack toolkit is out, with "RA Guard Evasion". You can get it here:


Two new options are now available: Fragmentation and Hop-by-hop headers. I know Hop-by-hop headers are deprecated, so I did not try them. But I tried the Fragmentation option, and this is what it does:

Normal Router Advertisement

Router Advertisement with Fragmentation Headers

Is this really enough to evade Cisco's RA Guard? I don't have a Cisco switch right now, but if that defeats it, it's a shame. If anyone has a switch with RA Guard handy, please try the flood_router6 attack with the -F and -H options and let me know what happens!

5-22-11 Sam Bowne
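
A defender-side check for the fragmentation and Hop-by-hop cases described above, as an added example that is not from the original post or from thc-ipv6: a filter that reads only the fixed header's Next Header field does not see a Router Advertisement placed behind an extension header, while walking the header chain does. The sample packets, addresses and function names are constructed for illustration, and nothing here assumes how any particular switch implements RA Guard.

```python
import struct

HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS, ICMPV6 = 0, 43, 44, 60, 58
ROUTER_ADVERT = 134  # ICMPv6 type for Router Advertisement

def naive_is_ra(pkt: bytes) -> bool:
    """Filter that only looks at the fixed header's Next Header field."""
    return len(pkt) > 40 and pkt[6] == ICMPV6 and pkt[40] == ROUTER_ADVERT

def classify(pkt: bytes) -> str:
    """Walk the extension header chain to find what the packet really carries."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        return "not-ipv6"
    nxt, off, wrapped = pkt[6], 40, False
    while nxt in (HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS):
        if off + 8 > len(pkt):
            return "undetermined"  # chain runs past the available bytes
        if nxt == FRAGMENT:
            if struct.unpack_from("!H", pkt, off + 2)[0] >> 3 != 0:
                return "undetermined"  # non-first fragment: upper layer not visible
            hdr_len = 8  # Fragment header has a fixed size
        else:
            hdr_len = (pkt[off + 1] + 1) * 8  # Hdr Ext Len is in 8-octet units
        nxt, off, wrapped = pkt[off], off + hdr_len, True
    if nxt != ICMPV6:
        return "not-ra"
    if off >= len(pkt):
        return "undetermined"
    if pkt[off] != ROUTER_ADVERT:
        return "not-ra"
    return "ra-behind-extension-headers" if wrapped else "plain-ra"

def _ipv6(next_header: int, payload: bytes) -> bytes:
    # Constructed sample header: fe80::1 -> ff02::1, hop limit 255
    addrs = bytes.fromhex("fe80" + "00" * 13 + "01" + "ff02" + "00" * 13 + "01")
    return struct.pack("!IHBB", 0x60000000, len(payload), next_header, 255) + addrs

# Constructed sample packets (ICMPv6 checksum left at zero; it is not examined here)
RA = struct.pack("!BBHBBHII", ROUTER_ADVERT, 0, 0, 64, 0, 1800, 0, 0)
FRAG_HDR = struct.pack("!BBHI", ICMPV6, 0, 0, 0x1234)      # offset 0
HBH_HDR = bytes([ICMPV6, 0, 1, 4, 0, 0, 0, 0])             # PadN fills the header
PLAIN = _ipv6(ICMPV6, RA) + RA
FRAGGED = _ipv6(FRAGMENT, FRAG_HDR + RA) + FRAG_HDR + RA
HBH = _ipv6(HOP_BY_HOP, HBH_HDR + RA) + HBH_HDR + RA
LATER_FRAG = _ipv6(FRAGMENT, bytes(16)) + struct.pack("!BBHI", ICMPV6, 0, 8 << 3, 0x1234) + bytes(8)
```

A filter built on `classify` can treat both "ra-behind-extension-headers" and "undetermined" as suspect on host-facing ports, since the second result means the upper-layer header could not be inspected at all.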