Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Toys

Messaging Over IPv6 Headers 70

elias miles writes "A guy from the Swiss Unix Users Group made a cool utility that lets you chat over IPv6 packet headers. Not useful, but it's a nice hack. Read the article and download joe 6 pack."
This discussion has been archived. No new comments can be posted.

Messaging Over IPv6 Headers

Comments Filter:
  • again? (Score:5, Funny)

    by acxr is wasted ( 653126 ) * on Sunday July 06, 2003 @10:23AM (#6377098)
    What is this, "nice hack" day?
    • Re:again? (Score:5, Funny)

      by prockcore ( 543967 ) on Sunday July 06, 2003 @10:25AM (#6377107)
      What is this, "nice hack" day?

      Wake me up when it's "nice rack" day.
    • Re:again? (Score:2, Funny)

      by Trespass ( 225077 )
      "Slow news" day, dude.
    • Re:again? (Score:2, Interesting)

      by Anonymous Coward

      What is this, "nice hack" day?

      While IPv6 fixes many problems in IPv4, the developed world will not embrace IPv6 until many shortcomings in the protocol are addressed.

      1. Cisco routers suck at IPv6. Many of cisco's routers use the router's CPU to process IPv6 packets instead of the fast-path. The reasons for this are explained in the next few points. While Juniper's routers are substantially better at IPv6 than cisco's, IT managers are often restrained by insane corporate policy that dictactes the use
      • Re:again? (Score:3, Insightful)

        by raboofje ( 538591 )
        With respect to point 3, autoconfiguration is indeed nice, but your statement about the routing tables is false. In fact, the size and efficiency of the routing tables are two of the great 'plus' sides of IPv6. To put is simply: since we don't have to be so thrifty with the address space, we're more free to do this properly.

        As for point 4, you certainly have a point there, but with the MTU discovery in IPv6 (which prevents the (expensive!) fragmentation found in IPv4) you might actually see improvements t

      • Re:again? (Score:5, Informative)

        by Cato ( 8296 ) on Monday July 07, 2003 @02:55AM (#6381504)
        So many half-truths, so little time...

        Point 1 re 'Cisco sucks at IPv6' - do you have any data to back this up? Cisco seem to be doing fine with IPv6 deployments so I don't believe this is a real issue. More recent Cisco routers (7600, 10000, 12000 series) are hardware-based and will do IPv6 in hardware. Those that are software-based will forward IPv6 exactly like the other non-IPv4 protocols they have supported for years (DECnet, SNA, etc) - Cisco started out with multiprotocol routing not just IP. I'd be surprised if there is a big difference in performance - certainly there'll be more memory references with IPv6 addresses, but the IPv6 header (less the addresses) is shorter and simpler than the IPv4 header, so software-based routers may actually go faster on IPv6. Hardware-based routers should go at wire speed, basically.

        Point 2 - there are already 1 billion cell phones in the world, and perhaps 30% of those are already IP-enabled. If you add in VoIP phones at home, and the myriad of new devices such as TiVOs, you can easily see how a mere 4 billion addresses is not enough - remember that India and China alone have 2 billion people. NAT is a hack that prevents simple deployment of more complex applications that aren't merely client to server - P2P apps work much more easily without NAT.

        Point 3 - routing tables too large. Routing tables won't grow in size as you imply - if anything they are smaller for the true core routers, since IPv6 was designed to scale better using CIDR-like techniques for route aggregation, i.e. only a short prefix is stored and fewer prefixes should be needed. Your proposal for using the Ethernet-style MAC address doesn't work for ADSL, leased lines, and many other non-Ethernet media.

        Point 4 - this is true for MTU-sized packets, but of course the host can send larger packets (frequently 1500 bytes or so), reducing this overhead. A 1 to 3 % overhead doesn't sound like much given IPv6's other advantages.

        The fact that IPv6 allows stupid hacks like this is irrelevant. IPv6 is going to happen, it's just a question of time - my ADSL ISP already offers IPv6 as a checkbox option at no extra cost.
      • 1. Cisco will step up support of IPv6 the more of it|s customers adopt it.

        2. A long time ago somebody said 640K of ram is enough.

        3. Not true. Just because the network addresses themselves doubled in size (8 bytes) that still doesn\t mean routing tables will bloat, explode and spiral out of control. The size of a routing table is determined more by how many subnets there are than how large the entry in that table is. They\ll just double in size and we can certainly handle that.

        4. I can live with a perform
      • Re:again? (Score:3, Informative)

        by psmears ( 629712 )

        I would have ignored this as a troll, but it's been modded "+4 Interesting" so it's probably worth providing some perspective to the points raised..

        1. Cisco routers suck at IPv6

        Even if true, this can hardly be described as a shortcoming with the protocol (though I agree it might be a problem in its deployment).

        2. There are too many addresses

        In what way is it a problem to have too many addresses available? It's not compulsory to use them all ;-). Indeed it's necessary to have them, since it's not p

      • 1. Cisco routers suck at IPv6.
        Who cares????????
        Just as long as there is one good provider, people can start buying, and others will improve or lose.

        2,3 & 4. There are too many addresses.

        There is not such thing as too many addresses. There is such thing as too few, and it is called IPv4. NAT is just plain ugly and a dirty hack.

        You cannot rely on routers translating packet headers, because networks tend to grow faster than processors.

        With IPv6 one of the policies is to improve latency on top of throug
  • by Anonymous Coward on Sunday July 06, 2003 @10:30AM (#6377130)

    As in the "radio stations" which broadcast some OTP numbers / instructions for spies / whatever, why not make this broadcast public keys of those whom you know along with your normal traffic. Then you could run a modified Joe Sixpack in the background and gather the keys that way.

    Or broadcast DNS information (suitably protected), creating a distributed naming service without DNS servers :-)

    The motivation behind broadcasting is that if all the rest of the world is against you, your odds are so small that you will lose. But if the bad guys only get like 1 % of the rest of the world, you have a chance of winning. Supermegaprobabilisticexpialidocius!

  • by Eudial ( 590661 )
    suug (Swiss Unix User Group) means "suuck" in swedish.
  • This method of sending messages might seem stupid now, but in the long run a James Bond like spy might do something like this to save a life. Hmm, or maybe spies are such jocks that computer code alludes them. Any unorthodox method of sending a message is important, though.
    • Any unorthodox method of sending a message is important

      Nice, that would include the spreadsheet I put together to translate ASCII into a string of x'es and spaces to append to email sign-offs. like:

      Love,
      Snugglebunny
      xx x xx xx xxx xx xx xxx x xxx xx xxx x xx xxx

      NB: The above example doesn't mean anything, it's just an example
  • Evil bit (Score:3, Funny)

    by countach ( 534280 ) on Sunday July 06, 2003 @10:42AM (#6377164)
    But does the hack interfere with the Evil Bit(tm)?

    And when the system becomes mainstream, and the spammers start sending you messages, will they set the Evil Bit?

  • IPv6? (Score:2, Funny)

    by Xeth ( 614132 )
    Hah, typical slashdot, this is a dupe. There was already a story on Science Fiction today. [slashdot.org]
  • The initial idea was to make something very stupid using IPv6

    Well, at least he's upfront about it :)

    • When you want to send an IM to somebody's IP, you have to type:

      0x00000000000000.............0000.......45AEG6A4


      by the time you finish typing their IP, you don't even want to talk to them anymore :-P
    • something very stupid

      I am going to write a IPv4 emulator for IPv6 >:)
      • Too bad, it already exists.

        Well, it's not an emulator, but more like a proxy which maps the IPv4 space in IPv6 address space and does automatic proxying, so you can have full v6 nodes on your network, and still access v4 services.

        It's called NAT-PT, and you can find its relative RFC here: http://www.ietf.org/rfc/rfc2766.txt
  • Covert Channel (Score:5, Interesting)

    by espo812 ( 261758 ) on Sunday July 06, 2003 @11:05AM (#6377258)
    This is known as a covert channel [sans.org]. Depending on what is going on this is useful or a security risk. For example, an employee could smuggle out data from a network possibly under the radar of most IDSes and the eyes of net admins. Replace employee with political prisioner, or spy, or whathave you.
    • For example, an employee could smuggle out data from a network possibly under the radar of most IDSes and the eyes of net admins

      that would be security through obscurity - which we all know can not be relied on. Now if those messages were also encrypted with 512bit keys, then it would be something, but then you might as well include the message in the actual data part of the packet.

      • Security risk, not security.

      • Re:Covert Channel (Score:5, Insightful)

        by LongJohnStewartMill ( 645597 ) on Sunday July 06, 2003 @12:31PM (#6377740)
        that would be security through obscurity - which we all know can not be relied on.

        The point of a covert channel is obscurity. You could add security on top of it, but putting the message into the data part would defeat the whole purpose of the covert channel. You are trying to find some way to get processes/machines/people to communicate within the confines of the operating system, and without anything/anybody else knowing about it.

        An simple example? Say all the normal channels for process communication are blocked. No pipes, no sockets, etc. You can't use files. The only thing you can do is monitor the activity of the other process (ie the 'ps' command). By monitoring, say, memory allocation of the other process, two processes could communicate, sending the data byte by byte. Once a byte is sent, the receiving process could increment its memory to confirm. Then the sender increments its memory to send the next byte, etc.

        The point of covert channels is that no matter how secure a system appears to be, it is possible for leaks because of things like this (probably more complex).
    • Re:Covert Channel (Score:4, Interesting)

      by cdemon6 ( 443233 ) on Sunday July 06, 2003 @01:03PM (#6377908) Homepage
      >>> This is known as a covert channel. Depending on what is going on this is useful or a security risk.

      The german ct magazine had a working hack about a year ago which allowed network io over dsn query headers and could circumvent firewalls. Sounds like this might be pretty much the same problem, and i consider it a rather serious one because io based on such techniques may be slow because the is much more overhead than data per packet, but it *is* working and i don't know of any firewall which could prevent this. please correct me if i'm wrong in this point, of course ;)

      • Blocking icmpv6 will stop it.
      • Re:Covert Channel (Score:3, Insightful)

        by espo812 ( 261758 )

        i don't know of any firewall which could prevent this. please correct me if i'm wrong in this point

        According to the article: I found the Destination Options header having no use yet. So make it have one

        I'm not sure what the standard says about what this field should say. And even if it defines something, another question is what stacks will actually do with this field. Anyway - one way to stop this would be to zero this field on everything going out and comming into the firewall. The problem, of course

      • Re:Covert Channel (Score:3, Interesting)

        by drinkypoo ( 153816 )
        Since netfilter can filter based on the contents of packets (at least for IPv4), I would imagine that it can now or can soon handle traffic like this in IPv6.
    • "Replace employee with political prisioner, or spy, or whathave you."

      I believe the Politically Correct term you were looking for is 'terrorist'.

  • by xYoni69x ( 652510 ) <yoni.vl@gmail.com> on Sunday July 06, 2003 @11:21AM (#6377352) Journal
    The Joe 6 Pack uses IPv6 destination options to specify a special option that contains the chat message...
    The actual IPv6 packet being sent is an ICMPv6 echo-reply packet that seems to contain all nulls.
    This makes the destination option seem a bit redundant...
    You could implement this using nothing but ICMP (over either IPv4 or IPv6).

    In the ICMP echo data, build some kind of header:

    (4 bytes) magic identifier, i.e. 0xBAADF00D
    (n bytes) message
    (4 bytes) CRC-32 checksum of the previous n+4 bytes


    The CRC-32 checksum is there to differentiate between "chat-pings" and "real pings".

    I started to implement this as a special ping program (so you could do something like ping 1.2.3.4 --msg hi!) and maybe will finish it when I'm less busy.
    • 01011001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01110100 01100001 01101011 01100101 00100000 01111001 01101111 01110101 01110010 00100000 01000100 01001101 01000011 01000001 00100000 01100001 01101110 01100100 00100000 01110011 01101000 01101111 01110110 01100101 00100000 01101001 01110100 00101110 00100000 01001000 01100101 01111000 00100000 01101001 01110011 00100000 01100110 01101111 01110010 00100000 01101100 01100001 01101101 01100101 01110010 01110011 00101110 00100000 0100001
      • by xYoni69x ( 652510 )
        The following code acts as a method of circumvention and is therefore illegal:

        #include <stdio.h>

        static char msg[] = "01011001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01110100 01100001 01101011 01100101 00100000 01111001 01101111 01110101 01110010 00100000 01000100 01001101 01000011 01000001 00100000 01100001 01101110 01100100 00100000 01110011 01101000 01101111 01110110 01100101 00100000 01101001 01110100 00101110 00100000 01001000 01100101 01111000 00100000 01101001 0111001

        • With your circumvention device, you have cost an estimated Eleventy Billion dollars in sales for my organization. Expect to hear from my lawyers.
    • Implemented by hping2 [hping.org]

      you can either do
      hping 1.2.3.4 -e your_message_here
      or
      hping 1.2.3.4 -E file-to-embed

      have fun!
  • Those of you to whom this article reminds you of the *nix 'talk' command, raise your hand.

    /me raises hand
  • by avel599 ( 413285 ) on Sunday July 06, 2003 @12:43PM (#6377810)
    "sonar"

    From the description of the Debian package:

    Description: console chat via ICMP (ping) echo-request packets sonar implements a peer to peer chat using ICMP (ping) echo-request packets, which means nearly stealth communication between two hosts without a central server.

    It has an ncurses-based interface with basic support for multiple windows and chats with different peers. It is a reference implementation for the u23 project of the Chaos Computer Club Cologne (http://koeln.ccc.de)
  • All good hacks for MacHack must be useless. You will get boo'ed and "usefull" will be screamed at you otherwise.
  • Big Deal (Score:1, Funny)

    by Anonymous Coward
    Wake me up when someone figures out how to send porn over IPv6 headers.

Money is the root of all evil, and man needs roots.

Working...