networking - How do I bind to a specific link local IPv6 address other than the default?
2014-04
I'm not 100% sure I'm using the correct terminology in the title, so if someone knows better than I do please amend it.
I'm trying to replicate a malicious script that I've seen in the wild for the purposes of testing my options to respond to it. It binds to a bunch of IP addresses on an IPv6 /64 and is then used to flood IRC from hundreds or thousands of different IP addresses. The fact that it's able to bind to different addresses allows it to bypass some automatic per-hostname throttling and cause trouble despite existing measures in place.
Basically, the problem I'm trying to solve boils down to this. I'm using a test machine running Ubuntu Server 13.10:
$ uname -a
Linux sandbox 3.11.0-12-generic #19-Ubuntu SMP Wed Oct 9 16:12:00 UTC 2013 i686 i686 i686 GNU/Linux
My network is set up in the following manner:
$ ifconfig
eth0  Link encap:Ethernet HWaddr 00:18:f8:0d:c0:d5
      inet addr:192.168.2.100 Bcast:192.168.2.255 Mask:255.255.255.0
      inet6 addr: fe80::218:f8ff:fe0d:c0d5/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:9184009 errors:0 dropped:751 overruns:0 frame:57518
      TX packets:1143073 errors:12057087 dropped:0 overruns:0 carrier:23942906
      collisions:0 txqueuelen:1000
      RX bytes:1475317803 (1.4 GB) TX bytes:287318593 (287.3 MB)
lo    Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING MTU:65536 Metric:1
      RX packets:4007947 errors:0 dropped:0 overruns:0 frame:0
      TX packets:4007947 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:663390993 (663.3 MB) TX bytes:663390993 (663.3 MB)
The inet6 line of the eth0 listing indicates to me that the entire /64 upon which the listed address resides is allocated as link-local to this machine, but I'm not 100% sure this is true. In any case, the following command I'm using to test connectivity is failing to work as I expect:
$ telnet -6 -b fe80::1234:1234:1234:1234%eth0 fe80::218:f8ff:fe0d:c0d5%eth0 6667
telnet: bind: Cannot assign requested address
Am I incorrect in assuming that the entire /64 is allocated to this one machine? If it's not, how can I configure something that will allow this to work (a Host-only solution is fine since this is only for testing)? Otherwise, what should I be doing instead to correctly bind to this address?
fe80::/64 is the link-local prefix for the entire Ethernet LAN that eth0 is connected to. To give your machine another address on that network, you need to use something like ifconfig to tell your IPv6 stack to use that address before you can tell telnet to bind to it.
I don't recall the exact ifconfig syntax off the top of my head, but look at the add and alias subcommands in the man page.
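An added example, not part of the original question or answer: the question notes that sources spread across one IPv6 /64 get past per-hostname throttling, and this sketch compares a connection throttle keyed on the full address with one keyed on the /64. The class and function names, the limit of 5 connections per 60 seconds, and the 2001:db8:0:1::/64 sample addresses are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque

def throttle_key(addr, v6_prefix=64):
    """Collapse an IPv6 source to its /64 network; keep IPv4 as a single host."""
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any zone id such as %eth0
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # treat ::ffff:a.b.c.d as the IPv4 host it represents
    if ip.version == 4:
        return str(ip)
    return str(ipaddress.ip_network((ip, v6_prefix), strict=False))

class ConnectionThrottle:
    """Allow at most `limit` connections per key inside a sliding `window` (seconds)."""
    def __init__(self, limit, window, key_func):
        self.limit, self.window, self.key_func = limit, window, key_func
        self.seen = defaultdict(deque)  # key -> timestamps of accepted connections

    def allow(self, addr, now):
        q = self.seen[self.key_func(addr)]
        while q and now - q[0] >= self.window:
            q.popleft()  # forget connections that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

def constructed_events(count=200):
    """Constructed sample: one connection per second, each from a new address in one /64."""
    return [(float(i), "2001:db8:0:1::%x" % (i + 1)) for i in range(count)]

def run(key_func, events, limit=5, window=60.0):
    """Return how many of the events the throttle lets through."""
    throttle = ConnectionThrottle(limit, window, key_func)
    return sum(1 for now, addr in events if throttle.allow(addr, now))

if __name__ == "__main__":
    events = constructed_events()
    print("per-address key:", run(lambda a: a, events), "of", len(events), "allowed")
    print("per-/64 key:    ", run(throttle_key, events), "of", len(events), "allowed")
```

Keyed on the full address, every one of the 200 constructed connections is accepted; keyed on the /64, only 20 are.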
I have 2 Ubuntu boxes in a WiFi network. Below is the 'ifconfig' of my destination machine.
But in my source machine, I tried 'ssh 192.168.1.2' and I get connection refused.
$ ifconfig
eth0  Link encap:Ethernet HWaddr c8:0a:a9:4d:d6:6a
      UP BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
      Interrupt:35
wlan0 Link encap:Ethernet HWaddr 00:23:14:32:e8:dc
      inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
      inet6 addr: fe80::223:14ff:fe32:e8dc/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:319828 errors:0 dropped:0 overruns:0 frame:0
      TX packets:618371 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:30642011 (30.6 MB) TX bytes:921522542 (921.5 MB)
How to set up so that I can ssh from 1 box to another?
There are a couple of things you need:
- The IP address and credentials to log in to the destination machine (obviously)
- Make sure you can actually reach the other IP address. The ping command is your best friend here.
- Remember that by default, root cannot remotely log in via ssh. Use sudo.
- You need to make sure that openssh is installed. You can do this using Synaptic, search for openssh.
- Look for a "meta package" for openssh. This will implement all needed components. Or just install openssh-server. You may have to accept other dependent packages to also be installed.
- If you have a firewall installed, make sure that port 22 is open for inbound connections. This should be open by default.
Once all this is done, start the command-line prompt on the client machine, and enter the command:
$ ssh username@ipaddress
Substitute "username" with the login id to use on the destination machine, and ipaddress with the full IP address of the server.
You can go without specifying the username. Then, the destination server will assume that you will log in with the same username, only asking for the password.
In a more advanced setup, you can look at setting SSH to listen on a different port. You can also use certificate-based authentication. Look around on the internet for more documentation.
Make sure on the destination machine that port 22 is open and that sshd is running.