• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Nmap toggles used by HE IPv6 portscan page

Started by rsreese, September 24, 2010, 08:59:43 PM

Previous topic - Next topic

rsreese

What Nmap toggles are used by http://tunnelbroker.net/ipv6_portscan.php

I'm getting some interesting results but I'm assuming that's because I'm scanning through a tunnel so the scan is penetrating the firewall rendering it useless. I would like to fix this by applying ACL's to the tunnel interface.

kcochran

nmap -6 $IPADDR

That's it.

And if your firewall is only watching for v4, it won't catch anything v6 related.

rsreese

Thanks for the quick reply. That's what I thought.

Would filtering the tunnel interface be the best scenario since I do not assume you can filter IPv6 at the IPv4 interface in which the encapsulated IPv6 packets arrived at?

kcochran

Yeah, you'd have to stick any ACLs on the actual v6 interfaces.  Trying to filter on the v4 won't work, since it has no real concept of the embedded IPv6 traffic until it's unencapsulated.

rsreese