My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

ipv6finder : How ready are you for IPv6?

Published: 2011-01-05. Last Updated: 2011-01-05 17:00:33 UTC
by Johannes Ullrich (Version: 1)
4 comment(s)

Over the holidays, I used some of the vacation and down time to reorganize my home network. Part of this was to update my network maps and figure out how many of my devices do not support IPv6. I do use IPv6 extensively at home, but even some recently purchased devices do not support it.

Another problem you have with IPv6 is to find all devices on your network. The standard and simplest way to do this (aside from passively listening) is to ping the "all hosts" multicast address ff02::1. If you use auto configured link local addresses, you can also look for the EUI-64 (MAC Address) derived IPv6 addresses.

The result: a shell script to run some of these scans for you [1]

The ipv6finder.sh script currently is tested on Linux and OS X. It will not work on Windows. It does require root access as it uses arping for some of its tests (could fix that, but I found the arping output to be more consistent between platforms then just the arp command which would work too with a normal ping).

Read the comments in the file for some more details. Also: at the top of the script there are some variables that you can use to point it to the right location for various binaries it uses. Why bash and not perl... well, I started it in bash and it grew.

[1] http://johannes.homepc.org/ipv6finder.sh

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: ipv6
4 comment(s)
My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Comments

Trying this on Debian testing, sh (bash) doesn't like the "==" operators in the two

if [ "$OS" == "LINUX" ]

lines. That, apparently, is a bashism: sh requires "=" here.

Small nitpick: on Debian testing, arping is in /usr/sbin.
On ubuntu 10.10 , small changes.

Path is different for arping

# ARPING=/sbin/arping
ARPING=/usr/bin/arping

Operator == have to be simple =

Loop has an issue (at least for me). Modified like

#for b in {1..254}; do
for b in $(seq 1 254); do


No NMAP here ;-) ?

Thanks for the useful script
To solve the operators and loop issues, just change the script header (debian)

#!/bin/bash
Sigh, I forwarded this to our network operations team. They responded that there was no reason to shift priorities to address IPv6 at this time. We'll be one of those places that implements IPv6 in a rush to meet demand and will spend years fixing the problems caused by lack of planning.

Diary Archives