Research On Vulnerability Testing Of IPv6 Network

Although IPv4 made a great contribution to the development and applications on the Internet in forty years and has proven its robust, with the rapid development of Internet and the explosive expansion of the networks size, a serious shortage of IP address space, the poor network performance, the too large routing table and the lack of mobility, IPv4's limitations have become increasingly prominent. Especially with the depletion of IPv4 addresses, we have been eager to seek an alternative IP protocol. Then the next generation Internet protocol IPv6 came into being. As an upgraded version of IPv4, IPv6 replacing of IPv4 has been a historical necessity. IPv6 retains the excellent performance of IPv4 and has made substantial progress of quality assurance and security. IPv6 has a vast address space, the use of effective hierarchical addressing and routing structure, and it takes effective measures to ensure the reliability of data, all of these are proof of its good characteristics.Compared with IPv4, the network data integrity and confidentiality, etc. in IPv6 were greatly improved, however, the security aspects of IPv6 in the network are still deficient. This paper studies various of security vulnerabilities in the IPv6 network. There are not only the traditional security vulnerabilities in the IPv4 in the IPv6 network, but also the new network security vulnerabilities because of the introduction of IPv6. There are various transitional technology in IPv6 to IPv4 transition process, this makes the complicated network structure and lead to new security risks. At the same time, in the deployment and implementation of IPv6, there will be many places not comprehensive considered in such a large scale and complex networks, this can lead to IPv6 network security risks.In this paper, we study the loopholes and inadequacies of IPv6 protocols, and focuse on analyzing the vulnerabilities of IPv6 extension header. We research and analyze the IPv6 network security vulnerabilities, and analyze the vulnerabilities of deployment and implementation in IPv6 network. We build IPv6 network experimental platform for testing IPv6 network vulnerabilities through modifying the design of THC IPv6 network attacking tools and Wireshack network packets analysis tools. This paper studies covert channels in IPv6 application, and proposes a method of using Hop-by-Hop Options Header to establish a network covert channel.