networking - How do I bind to a specific link local IPv6 address other than the default?

06
2014-04
  • Wug

    I'm not 100% sure I'm using the correct terminology in the title, so if someone knows better than I do please amend it.

    I'm trying to replicate a malicious script that I've seen in the wild for the purposes of testing my options to respond to it. It binds to a bunch of IP addresses on an IPv6 /64 and is then used to flood IRC from hundreds or thousands of different IP addresses. The fact that it's able to bind to different addresses allows it to bypass some automatic per-hostname throttling and cause trouble despite existing measures in place.

    Basically, the problem I'm trying to solve boils down to this. I'm using a test machine running Ubuntu Server 13.10:

    $ uname -a
    Linux sandbox 3.11.0-12-generic #19-Ubuntu SMP Wed Oct 9 16:12:00 UTC 2013 i686 i686 i686 GNU/Linux
    

    My network is set up in the following manner:

    $ ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:18:f8:0d:c0:d5
              inet addr:192.168.2.100  Bcast:192.168.2.255  Mask:255.255.255.0
              inet6 addr: fe80::218:f8ff:fe0d:c0d5/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:9184009 errors:0 dropped:751 overruns:0 frame:57518
              TX packets:1143073 errors:12057087 dropped:0 overruns:0 carrier:23942906
              collisions:0 txqueuelen:1000
              RX bytes:1475317803 (1.4 GB)  TX bytes:287318593 (287.3 MB)
    
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:65536  Metric:1
              RX packets:4007947 errors:0 dropped:0 overruns:0 frame:0
              TX packets:4007947 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:663390993 (663.3 MB)  TX bytes:663390993 (663.3 MB)
    

    The inet6 line of the eth0 listing indicates to me that the entire /64 upon which the listed address resides is allocated as link-local to this machine, but I'm not 100% sure this is true. In any case, the following command I'm using to test connectivity is failing to work as I expect:

    $ telnet -6 -b fe80::1234:1234:1234:1234%eth0 fe80::218:f8ff:fe0d:c0d5%eth0 6667
    telnet: bind: Cannot assign requested address
    

    Am I incorrect in assuming that the entire /64 is allocated to this one machine? If it's not, how can I configure something that will allow this to work (a Host-only solution is fine since this is only for testing)? Otherwise, what should I be doing instead to correctly bind to this address?

  • Answers
  • Spiff

    fe80::/64 is the link-local prefix for the entire Ethernet LAN that eth0 is connected to. To give your machine another address on that network, you need to use something like ifconfig to tell your IPv6 stack to use that address before you can tell telnet to bind to it.

    I don't recall the exact ifconfig syntax off the top of my head, but look at the add and alias subcommands in the man page.
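The throttling bypass described in the question, seen from the server side, as an added example that is not part of the original posts: counting connections per /64 prefix instead of per address keeps a client that rotates through addresses in one /64 under a single limit. The names `throttle_key`, `PrefixThrottle` and `simulate`, the limit of 3 per 60 seconds, and the `2001:db8:0:1::/64` documentation prefix are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque


def throttle_key(addr: str, v6_prefix: int = 64) -> str:
    """Map a client address to the key its connections are counted under."""
    ip = ipaddress.ip_address(addr.split("%", 1)[0])  # drop a zone id such as %eth0
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:a.b.c.d is really an IPv4 client
    if ip.version == 4:
        return str(ip)
    # strict=False masks the host bits, so every address in the prefix shares a key
    return str(ipaddress.ip_network(f"{ip}/{v6_prefix}", strict=False))


class PrefixThrottle:
    """Sliding-window connection limiter keyed on throttle_key()."""

    def __init__(self, limit: int, window: float, v6_prefix: int = 64):
        self.limit, self.window, self.v6_prefix = limit, window, v6_prefix
        self.seen = defaultdict(deque)  # key -> timestamps of accepted connections

    def allow(self, addr: str, now: float) -> bool:
        q = self.seen[throttle_key(addr, self.v6_prefix)]
        while q and now - q[0] >= self.window:
            q.popleft()  # forget connections that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def simulate(n: int = 200, limit: int = 3, window: float = 60.0):
    """Constructed input: n connections at once, each from a different address in one /64."""
    addrs = [f"2001:db8:0:1::{i:x}" for i in range(1, n + 1)]
    per_addr = PrefixThrottle(limit, window, v6_prefix=128)
    per_64 = PrefixThrottle(limit, window, v6_prefix=64)
    return (sum(per_addr.allow(a, 0.0) for a in addrs),
            sum(per_64.allow(a, 0.0) for a in addrs))


if __name__ == "__main__":
    print(simulate())
```

Link-local clients all fall under `fe80::/64`, which is shared by every host on the LAN, so a per-prefix key is meaningful mainly for routed (global) prefixes.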


  • Related Question

    networking - ssh from 1 ubuntu box to another ubuntu box
  • michael

    I have 2 ubuntu boxes in a WiFi network. Below is the 'ifconfig' of my destination machine.

    But in my source machine, I tried 'ssh 192.168.1.2' I get connection refused.

    $ ifconfig
    eth0  Link encap:Ethernet  HWaddr c8:0a:a9:4d:d6:6a  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:35 
    
     wlan0 Link encap:Ethernet  HWaddr 00:23:14:32:e8:dc  
           inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
           inet6 addr: fe80::223:14ff:fe32:e8dc/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:319828 errors:0 dropped:0 overruns:0 frame:0
           TX packets:618371 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1000 
           RX bytes:30642011 (30.6 MB)  TX bytes:921522542 (921.5 MB)
    

    How to set up so that I can ssh from 1 box to another?


  • Related Answers
  • jfmessier

    There are a couple of things you need:

    • The IP address and credentials to log in to the destination machine (obviously)
    • Make sure you can actually reach the other IP address. The ping command is your best friend here.
    • Remember that by default, root cannot remotely log in via ssh. Use sudo.
    • You need to make sure that openssh is installed. You can do this using Synaptic, search for openssh.
    • Look for a "meta package" for openssh. This will implement all needed components. Or just install openssh-server. You may have to accept other dependent packages to also be installed.
    • If you have a firewall installed, make sure that port 22 is open for inbound connections. This should be open by default.

    Once all this is done, start the command-line prompt on the client machine, and enter the command:

    $ ssh username@ipaddress

    Substitute "username" with the login id to use on the destination machine, and ipaddress with the full IP address of the server.

    You can go without specifying the username. Then, the destination server will assume that you will log in with the same username, only asking for the password.

    In a more advanced setup, you can look at setting SSH to listen on a different port. You can also use certificate-based authentication. Look around on the internet for more documentation.

  • Ignacio Vazquez-Abrams

    Make sure on the destination machine that port 22 is open and that sshd is running.