ICMPV6 Vulnerability: The Importance of Threat Model and SF-ICMP6

ICMPV6 Vulnerability: The Importance of Threat Model and SF-ICMP6

Abidah Hj Mat Taib, Wan Nor Ashiqin Wan Ali, Nurul Sharidah Shaari
DOI: 10.4018/jmcmc.2013040106
(Individual Articles)
No Current Special Offers


Handling Internet Control Message Protocol version 6 (ICMPv6) vulnerabilities is among the challenges in securing the IPv6 deployment. Since ICMPv6 messages are crucial in IPv6 communications, this paper discusses the discovery of ICMPv6 vulnerabilities by producing a threat model of ICMPv6 vulnerabilities and proposing the use of Selective Filtering ICMPv6 Messages (SF-ICMP6) to handle some of the vulnerabilities. An experiment was conducted to verify the threat model by observing and discussing the usage of ICMPv6 threat model together with SF-ICMP6. The findings showed that the attack derived in the threat model is possible and the countermeasure associated with it is appropriate. As for SF-ICMP6, selectively filtering messages should be enforced because different messages require filtering of different type and code. It is expected that with the use of threat model and SF-ICMP6, maintaining and securing ICMPv6 messages in IPv6 deployment is attainable.
Article Preview


IPv6 existence has increased the challenges in maintaining security of an enterprise network. Besides taking a good care of the network operation and activities, analyzing the network vulnerabilities during IPv6 deployment is necessary. Some specific IPv6 vulnerabilities that are commonly debated are reconnaissance attacks, misuse of routing header type 0 (RH0), misuse of multicast, and misuse of ICMPv6 (Durdagl & Buldu, 2010). An overview of these vulnerabilities is depicted in Figure 1.

Figure 1.

IPv6 specific vulnerabilities


By identifying the vulnerabilities of IPv6 and the cause that initiates them, determining the appropriate countermeasure is possible. Unfortunately, the misuses of multicast and ICMPv6 have not totally been solved. ICMPv6 is precisely designed to tell the host about errors encountered in incoming or outgoing packets. Since ICMPv6 plays a primary role to sustain and establish communications of nodes, finding alternative solutions to the problem is crucial. Moreover, they can be exploited to attack the IPv6 network (Hogg & Vynke, 2009). Some ICMPv6 vulnerabilities have been used in performing various number of Denial-of-Service attacks against the TCP (Cisco, 2012) and multiple Cisco products were affected regarding the ICMPv6 vulnerabilities (Gont, 2007).

ICMPv6 is one of the protocols used to present reporting errors in a packet transmitting diagnostic function and framework for implementing IPv6 control aspects (Conta, Deering, & Gupta, 2006). They are very important for smooth IPv6 communication. ICMPv6 messages contain a type (1byte) and a code (1 byte) that associate the details of the messages to the type of message. ICMPv6 messages are classified into informational messages and error messages. Error messages use type 0 through 127, and provide useful information back to the source of the IPv6 communications about any errors that might have occurred in the connection. Informational messages use type 128 to 255, and perform diagnostic functions and additional host functionality. Figure 2 shows the classification of ICMPv6 messages: Informational Messages and Error Messages and their associated types and codes.

Figure 2.

Overview of the ICMPv6 messages associated with respective types and codes. (Adopted from (Taib, Shaari, Ali, & Budiarto, 2012))


Despite having an important role in IPv6 communication, ICMPv6 messages are exposed to some security risks (Caicedo, Joshi, & Tuladhar, 2009; Davies, Krishnan, & Savola, 2007; Hayoung, Kijoon, HyoChan, & JungChan, 2006; Hogg & Vyncke, 2009; Liu, Duan, Lin, Li, & Wu, 2009; Convery & Miller, 2003). Due to its vital function, as well as the existence of threats and vulnerabilities, ICMPv6 has become the target of attacks. Realizing that ICMPv6 must be properly controlled and secured, this paper emphasizes the implementation of proper ICMPv6 filtering at each node. Filtering ICMPv6 messages is needed and must be done carefully as they cannot be simply blocked because by doing so, it may result in network connectivity problem. Thus, they should not be blindly filtered by the firewall. For instance, fragmentation and reassembly are done by IPv6 end nodes. The intermediate routers are expected to generate ICMPv6 Type 2 (packet too big) if the MTU of outbound interface is less than the packet size. The intermediate router is expected to put the right PMTU value in the ICMPv6 error messages. If these messages do not reach the transmitting end node, it will not have information on path MTU and it will continue to send messages with original MTU which will be dropped by the intermediate router.

Complete Article List

Search this Journal:
Volume 14: 1 Issue (2023)
Volume 13: 4 Issues (2022): 2 Released, 2 Forthcoming
Volume 12: 4 Issues (2021)
Volume 11: 4 Issues (2020)
Volume 10: 4 Issues (2019)
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing