
BG - IPv6 Panel - Drinking Game

BSides Las Vegas · 44:05 · 10 views · Published 2017-03
About this talk
BG - IPv6 Panel - Drinking Game Breaking Ground BSidesLV 2012 - The Artisan Hotel - July 26, 2012

all right we're going to get started if you want to sit

down does this work yeah

okay it's part of the problem

okay for those brave few who stood around for the last um panel or the last presentation of BSides we are going to try to do something a little different it's going to we're going to learn a little bit hopefully about IPv6 talk a little bit about IPv6 and various flavors of security and then at the end you'll get to test your IPv6 knowledge for drink or prizes whatever whatever you prefer um so so if you think you know IPv6 you don't know jack we have a great panel of most of the vulnerability management space here uh starting here on my left immediate left Tim Erlin is the uh director of product for nCircle HD Moore CSO of

Rapid7 Wolfgang Kandek CTO of Qualys and Ron Gula CTO CEO founder of Tenable Network Security I also want to mention that every single one of these companies up here have sponsored BSides so give them a hand for that um and we're going to go from here okay so IPv6 is something that most of us have heard about I assume I don't know how many of you have actually dealt with it or or think you have dealt with it or think you haven't dealt with it whether you have it in your network or not but it it has the potential to really change the way you're going to do security and the way you're going to manage your networks at

both at home and at work in the years to come if you believe people that say we're running out of IPv4 space um you know to the classic example is doing a discovery scan and an IPv6 network can take a couple of trillion years so we we need a better way of doing it what we're going to do is each of the panel members are going to give you anywhere from like a four to eight minute kind of background in a particular area and then we'll come into what we call IPv6 Jeopardy leading us off will be Tim Erlin from nCircle who's going to give us some IPv6 general background Tim all right so I I think uh that I may

have the toughest job of the panelist in giving a background talk to an audience like this so I'm going to start by just trying to get a little context um from you guys so that we know our audience a little bit better we can tailor the conversation and the the questions ultimately to the audience if you don't mind I'd like to do a little show of hands exercise uh so how many of you out there uh have actually been involved directly in deploying IPv6 panelists don't count couple how many of you work for an organization where IP uh there's an IPv6 V6 deployment that's active deployed now couple sh we're not there yet we'll go

it deliberately for the time being all right and you know I I I'll make the assumption that the rest of you are here because you didn't answer yes to the first two questions and you'd like to to learn something uh something about it so um IPv6 is a uh interestingly it's a it's a fairly old standard in many ways more than a decade old yet somehow still in its infancy um it's um something that has been making progress lately in the past couple of years I would say U measurable and and interesting progress uh and um to sort of you know as a point of context there um if you're familiar with uh the IPv6 World Day project the

internet society and a Consortium of of large organizations and some small ones uh got together in 2011 and um did this IPv6 World Day project where they wanted to test turning on IPv6 on the public internet uh find out how it went these are companies like Facebook and Google and Comcast and uh about a thousand others actually participated in the end uh and it was it was in many ways a very large success uh for IPv6 and for those organizations um so much so that they followed it up in uh 2012 this year with what they called IPv6 World launch day uh and they called it World launch day because they decided that instead of

doing another test they were actually just going to turn it on and leave it on uh based on the success of the pr previous year and there were about um uh 3,000 organizations that participated uh in 2012 um with with also measurable success uh and um you know many of those organizations if not all of them uh continue to provide V6 services and V6 availability today uh and uh just as a you know to to give you a sense of how much that is you know we say 3,000 sounds like a lot maybe um but if you look at the traffic that the Dutch internet exchange for example uh they publish some statistics they um they

count about half a percent of their traffic as being uh solely IPv6 so 99.5% of it is still IPv4 uh or uh you know they have some mix in there for for tunneling things like that so it's it's not a large percentage it's still very small uh but it's consistently growing um of course in that context we're really only talking about the internet with a capital I um things that are measurable it's much harder to measure IPv6 the the prevalence of IPv6 and deployment deliberate uh inside organizations inside large organizations and small ones um from you know my perspective my background when I talk to customers I get one of three answers uh when I ask them about IPv6 you know are

you deploying it do you have a project uh one of the answers is yes absolutely that's a fairly rare answer um not not uncommon I would say you know a significant number but not significantly large number um many customers answer with a you know there's a project it's someone else's it's not happening yet it's in the future uh and uh you know you can keep in mind for context that you know most of the time I'm talking to information security folks uh within the organization and then uh a large number of customers reply with a very simple it's not on our radar it's not something we're doing occasionally it's not something I need to worry about uh which

can be a little disturbing um so we see this sort of split between activity and press and publicity publicly uh and the internal deployment uh you know mechanics and and progress for large and small organizations uh and that's you know really where we are with IPv6 in terms of security specifically um you know we know what some of the challenges are we don't know what some of the other challenges are and the unknown unknowns as is often the case are the ones that that uh might be the most concerning and um in order to dive into some of the detail there some of the interesting points I'm going to hand it off to my other panel members here uh and I think

I'm handing it to Ron next Wolf Wolfgang okay my got it so yeah good evening um thanks for the intro for the IPv6 do you have the the slides up there I I actually prepared a couple slides for you it's about a site that I have where I'm listing a couple of IPv6 configurations or tutorials that you can run to become more familiar with it so if you're already running it that's fine there's nothing new here um if you've never done it it's actually pretty easy to do uh to become acquainted with it kind of take a look what works what doesn't work how easy is it um how could you run it in your home those are kind

of the ideas and maybe how can you use it uh on on a daily basis uh I'm not really a networking person much more of a system admin um so you got to take it with a grain of salt but normally I think if I cannot make it work which happened a couple times it's it's uh pretty sophisticated uh and needs much more than you could possibly get when you want to actually use it at home so there's three chapters in there one is simply build an IPv6 network of in a virtual environment get a machine it can run a couple virtual um operating systems we starting with Linux and integrate some windows into it then uh

have another Linux box that routes out to the IPv6 internet and then you can play a little bit with it and and kind of browse the internet through IPv6 um another one is running IPv6 server on uh in this case Amazon that's also fairly simple you can just get a um well it could be a free server micro server works run Linux on it install an IPv6 tunnel and then you have a machine that can actually serve pages uh on under IPv6 um and uh that machine is that actually and the last one is then at home so yeah let's go let's go to this next one here so that's kind of how

this starts it's two Linux boxes AB you can then ping between them SSH between them run nmap run Apache uh browse to the page uh can you go to the next one then you put a Windows box in there and uh it's pretty much the same thing you get an IPv6 address and you can just browse along so it's actually actually pretty transparent add a next step is then adding um can you go one more Al you're adding another box in there that routes out to the internet through it has an IPv4 connection which is what most of us have have at home or at work but it tunnels over an IPv6 tunnel and that's pretty stable works pretty well

and it's actually pretty easy to set up so maybe four five six hours of work to get something like that up and running and and I think you're gain some pretty good experience by doing something like that uh what else yeah the other one is an EC2 um get a machine there a micro machine is free if you sign up for the first time for a year so it's uh very low cost I request an IPv6 tunnel set it up uh and you're done you basically have a machine that can serve out pages on IPv6 and you can play around a little bit with it and uh see what some of the pitfalls can be in terms of security

because now you're running two protocols you're running IPv4 IPv6 um the Amazon firewall only does IPv4 so um you have to do this by yourself uh at home I I looked into a bunch of routers that would do this this is a D-Link then um really nice one I mostly bought it because it kind of looks kind of nice uh what else do we have we have an Apple AirPort Express you can't even see that thing under the white background and then an old Linksys that runs custom firmware for IPv6 um that's the ranking right now so the D-Link doesn't work for me at all um the uh the Linksys works pretty well with that firmware it's um but you need

to do your custom firewalling and the AirPort Express works like actually really nicely um has an IPv6 firewall up uh it's a little dicey you need some older management software to get to it the newest version doesn't have it anymore Apple dropped it they got a lot of flack for that as well but that actually works pretty well so that's the site ipv6experiment.com it runs on that Amazon server accessible through IPv4 and IPv6 so and um any feedback um send it to me or send it to feedback there I will get that and happy to integrate something if you have a home router that works really well we could definitely put it up there so right now

my vote is kind of for the Apple AirPort Express that seems to be giving my family the best IPv6 addresses and um we now access whatever is accessible um on IPv6 so next project for me is kind of measuring that and see how much is that is that 0.5% uh for my particular case or more so I you know appreciate if take a look at the site and I give me some feedback to see if it actually is helpful or whether it's uh too slow or too fast in terms of progress so that was still intro vuln management well so we all do have products that work in that area they all are IPv6 enabled um you can

that means you can scan an IPv6 machine uh through that and see what are the vulnerabilities that are there uh it should be transparent meaning this will work just like everything else but there's gotchas here and there um I think for the basic vulnerability scanning it's actually not too difficult it works pretty well um we don't have and I'm Ron just kind said same thing we don't have that many customers actually doing this uh some are forced to do it by compliance requirements um we hope that because of the IPv6 world day people implemented more and um that it will get more coverage but right now it's uh it's fairly it's a fairly low um

low on the priority list so I would say it works um major problems are actually more on the management side you used to deal with IPv4 addresses and everybody you can even almost remember them and that's that's kind of difficult on the IPv6 side make sense okay HD or yep looks okay so a slightly different view I won't go into the vuln management side so much as the pentesting side um I've been working at Metasploit forever uh we looked at doing Metasploit V6 support about three or four years ago and we got pretty far along with actually four or five years ago now pretty far along with like you know payload support basic library support things like that it all worked

fine and dandy as long as you know which machine you're attacking and you've got payloads configuration to get there and so on so there's lots of fun headaches involved in V6 too um one thing that very few people take into account and this will be part of a trivia question later on is that some OSes handle V6 differently for different services um you'll see that um if you take a machine and give it a V6 address and scan it and then a V4 address and scan it you'll get a very different profile of open ports uh sometimes it's actually more sometimes it's less for each service um Windows is notoriously bad about having less services on V6 than on V4 which

surprises me when I looked at it um you do get a couple new services with seven and eight that only show on V6 but that's a different story uh but typically you actually have less of a attack surface on V6 for Windows operating systems than you do on you know uh other platforms or other other configurations of V4 however on Linux um you actually see more vulnerabilities open on V6 than you do on V4 um it's a fun kind of a odd issue with how things are you know what services bind to what protocol adapter basically um so thing I really want to say about pen testing of V6 is uh if you're doing a there's

really two forms of pen testing there's testing your local network for V6 addresses through the link local addresses that's very effective these days because uh any appliance you buy any system that's Linux enabled by default will have a V6 address and usually not a V6 firewall so if you buy you know random virtual appliance from some vendor or you plug your iron you I won't say the name you plug your device into a local network and you uh happen to have a v a local V6 address you can now do terrible things that machine to its V6 address and not its V4 um and that makes a lot of assessments of these devices much easier if you're locally on

on the same LAN as a device because you bypass the firewall for it um so keep that in mind when you're doing testing if you're doing remote V6 testing the biggest problem there is finding the damn thing um it's saying okay I found one box now what else is out there and there's all kinds of really crazy hacky V6 implementations there's one proposal by Virginia Tech that says for every connection your machine makes we're going to use a different IPv6 address and no other IP is valid for that particular pair so because every host is given a fairly large chunk of addresses there's no shortage of of IPs even for a single machine now keep in mind that a

single machine can have multiple V6 addresses per machine per interface at the same time there's no one IP one machine one NIC uh you can have you know a thousand IPs on the same NIC on the same box um and if you don't test them all appropriately you're going to miss something so the complexity level of doing a valid V6 pen test has gotten pretty difficult um when things are in these kind of extreme situations but in the short term right now all you really have to remember is follow DNS look for sequential IPs in the low-end ranges of of V6 blocks um and if you have a machine on the local V4 network try to

find its V6 address and then pound on that because you often find better ways to break in and even if you break into one of those machines the admin's going to be really confused see last login from fe80 colon colon something or other like what the hell is that how did I get owned by by something alpha you know alphanumeric um so anyways it's it's a fun time to be doing V6 pen testing but right now it's only mostly useful on the local LAN thanks and just talking about some of the security operations uh in relation to IPv6 there's a couple things going on most of the organizations I'm seeing out there their attitude for IPv6 and where

it is on their radar it's not very high they they're much more about the cloud about mobile uh I even like at our booth today I was like hey you worried about IPv6 no I'm worried about iPad they're they're worried about the mobile devices and things like that uh so having said that I mean IPv6 just adds a lot of complexity to whatever you're doing whether it's compliance or incident response or different things like that and it's just not something that people are really prepared to want to go ahead do but there's really two things I want to address one is just kind of how does this impact compliance operations so to speak so no matter where you're at

you're impacted by compliance whether you're in the government in CyberScope or it's a DISA kind of thing or it's a PCI kind of thing I have not seen IPv6 show up at all on those things so if you're a typical large federal government organization you're scrambling right now to do a monthly end-to-end scan of your entire network and this is for something called CyberScope right CVE CPE CCE all with IPv4 addresses they they don't have any sort of notion of uh of IPv6 or anything like that and then the second thing is if you're more on the commercial side with PCI and whatnot there's just not a whole lot of knowledge out there of do I need to scan

for IPv6 is it part of my assessment even though a lot of times if you do have an IPv6 internet facing device you can go right past the firewall and so on but the next thing I want to address for IPv6 is even someone HD was just talking about just the how these numbers looked and how these addresses look the the open source community the vendor community the services community is not ready for that so if you have a a network-based anomaly detection system for example there are probably tons of smart PhDs working on that who've developed IPv4 32-bit you know hash tables to do these things when you start just going into the IPv6 address

space not even talking about some of the the the cases that HD was talking about just handling that kind of bit thing you really don't have the CPU or the memory to kind of keep up with those things so I don't know it doesn't I'm not going to name names but if you're an anomaly customer or a SIEM customer or anything like that and you're like ah hey show me the report of the number of hosts that connected to the botnet well if you actually get a larger number of addresses on the inside of your network that's just not going to happen it's not going to happen and then certain things even outside of the SIEM or the IDS space

if you just want to say hey report the number of hosts show me these assets just give me a list of IP addresses right that are out there on the network things like um the GRC systems the asset management systems and those kind of things they're really not in uh in tune to handle these large numbers of IPv6 addresses and so on so all that is basically kind of in my mind we're not ready for IPv6 if it is here and we'll probably talk about this in a little bit it it's snuck in the network and and so on I haven't really seen any major hacks that leveraged IPv6 exclusively uh most of the big big hacks that are out there

I don't think IPv6 was a factor but uh but it's coming it's uh it's definitely coming so with that I think we've got IPv6 Jeopardy

yes okay so we're going to try something called IPv6 Jeopardy here's the you got it you got it okay actually your questions I have here here here are the questions question yeah just I might whoa okay hold on we might have lost it lost I6 add yeah did you see anything now all right so we're going to do a little IPv6 Jeopardy if I could see what we're doing here all I think we deleted them oh well um hold on yeah we're gonna close I think we actually yeah look at that how is that possible I don't know uh hold on hold on we'll find it we'll find it no we we it actually deleted son of a

gun anyway while we're looking for this we're going to do IPv6 Jeopardy um what we're going to do is this obviously we have the four people I have red tickets here each red ticket you can take to the bar and put it on my tab for a drink you get the question right you get the red ticket obviously as we go up from 10 to 20 to 30 the questions get harder but you'll get more red tickets however like in real Jeopardy you get the question wrong and you give me back the tickets and it the boys here know as many tickets as we have at the end of the game we get to

drink so it's us against you um I'll take volunteers from the audience if you feel man or woman enough to raise your hand pick a category and a and a denomination we'll get

started Tim okay we got one right here go ahead HD Moore for

10 you got one go ahead man how many bare nipples are on the ceiling of this room in terms of an IPv6 net mask I'm kidding actually it's a softball um the real question is what is the default consumer bit mask size and what is the default operator bit m sorry organization bit mask size provided by most IPv6 ISPs and tunnel services that's the easy one that's a soft yeah I don't even know it's easy when your channel interface type ifconfig look kidding sorry I could try to find another softball you want how many noses are I'm kidding um let's see no give us a ticket anyone got you don't have an answer for that so if you go to uh

tunnelbroker.net and you can do this while I'm talking if you're really quick and get an IP address get an IP allocation them what do they give you if you're a consumer versus what do they give you if you're an organization and what's the

difference close like shift it to 16 bits one way or another [Laughter] all right I think we got a half answer does that count you get half a ticket and you got to put their half together all right that works so the answer is actually they give you a /64 for a single uh consumer and they give you a /48 for an organization so sorry about that who has the all right that thinks we really lost that one so does that make sense /64 /48 /64 means you can well put a boatload of uh machines in there more than I can count /48 yeah more than I don't know the current Internet times

the current Internet is a /64 okay so that's pretty big that's what you can have at home /48 means you have 65,000 and something 16-bit subnets that you can have with that type of thing so um it's pretty big people think we'll never run out of it um we'll try we'll try it anyway so I remember when we weren't going to run out of 40 meg hard drives um all right H next anyone else taking a crack Tim come on Tim for 10 will be sign easier how manys

in thank you all right Tim get you drink all right you see we didn't make them all hard all right who who's next who's our next contestant Jennifer JJ not playing oh come on come on take one you got to take one when you're on this foot he's working all right you know what who's that guy back there with the glass is sitting in the corner we'll get him take one pick one which which category you

want that's a guy with a pair right there okay oh go ahead oh here you need the mic um so try that let's get talk about that one that's we haven't really talk about how difficult is that one okay so conceptual question how difficult is it to map an IPv6 Network very good a little more maybe because this a big

drink so well so it's really big um that takes a long time to map but HD gave a couple pointers he said most organizations will probably allocate addresses kind of in the lower bits so we start with one and give the next machine a two and so on and so you can find you can cut down on the search space which is enormous again uh internet times the internet or something like that by being smart about it so Brute Force scanning is going to be very very slow smart scanning you can still uh be much quicker than and and probably finish in time so focus on the low bits um first 1,000 or if you found a machine

look around many addresses also depend on the MAC address of the box so if you know they use um here at Qualys we use ThinkPads you would you have a pretty good idea what the first uh three octets are of that so they show up you don't have to scan for that so you're cutting down on the search space by being smarter about it the brute force scanning is going to be complicated good answer good complicated diff all right anyone out this gentleman knows about IPv6 you've had your hand up twice so now take a

category going for a midlevel Tim for 20 question all

right all right uh let's see are IPv6 headers in the packet larger or smaller than ipv4 yeah you're the you what was your answer you are correct very good would you like the would you like the follow-up question well actually it's not really a followup question oh they're larger the answer is they're larger and they are they are um larger but actually more efficient to process uh and that's one of the the the advantages of IPv6 and they are more efficient to process for a couple of different reasons um so they've removed a bunch of the the sort of optional um header fields that um don't get used very often and um the uh there's no

longer an expectation that the the router will actually calculate TTL um so that that calculation is taken out uh and there's one more one more one more one more one more one more oh no fragmentation of course um so there there's essentially no fragmentation in IPv6 um at least you know in terms of of routing uh and that speeds it up as well okay he's going to continues on his he's going to 30 you no oh a hard [Music] one well let's just follow that up with how does IPv6 handle packet fragmentation or not handle it as the case may be no he giving the ticket back so sad well as I said it doesn't there's

no fragmentation um so basically there there are two ways to to handle it first of all there's um a process called uh path MTU Discovery um where it you know there's a a method of discovering the the MTU for the path that you're traversing so that it gets set correctly and that way the router doesn't have to deal with any fragmentation or it is possible for the endpoints to actually handle the fragmentation you know within uh or sorry to use the um there's a minimum uh MTU that you can use as well but the path MTU Discovery is one we're after there question so how do you fragment them oh you don't that's don't fragment

but something somebody has to fragment all these things have to fit in so endpoint fragments so the applications actually have to fragment or the the the higher levels of the protocol actually are now in charge of making sure that the packets uh are not too big I guess disagree you can fragment IPv6 is fine and you can bypass RA Guard using IPv6 fragmentation okay I I was just going to say that that IPv6 is a bit like a teenager trying to push responsibility onto everybody else but you know so what HD just said is totally true but it's kind of like you know when you went to grammar school and they told you one plus one you can add numbers and

then they told you the negative numbers and it it is all A New Concept so the truth is you know you go up and down the stack there's always things that you can do if you go one layer lower than what most people think about and you can do amazing amazing things there that just slip by um yeah security mechanisms evasion technology there's a lot of stuff all of a sudden you talk to networking people they will tell you no you can do that stuff with where you thought no that's not possible so gu the answer follow so fragmentation works today but it's not going to work in like a year because every vendor is basically

killing fragmentation from the RFC at this point so the rways do terrible things through fragmentation through fragmentation headers but as all the vendors find out that their solutions are terrible and don't work with fragmentation they're getting removed one by one from the spec so we're both in different historical timelines excellent so get into parallel universes there um so Tim is done Wolfgang has only one or two left but no one's asked Ron a question who wants to ask Ron Ron for 10

IPv6 I

I don't know don't ask you said no very good here you go we got a winner I'll give him half a ticket that's okay you did good congratulate see we there are winners out there all right very good all right who else we have a few more uh follow you want to do a followup you're on a roll double or nothing baby here we go come on come on Ron for 20 okay so there's more bits in I6 PS right but for TCP and

un correct for 20 here you go you want to push it double or nothing 30 round 30 all right here we go come on baby hold on new dealer let's change the [Laughter] dice go right you have eom PCI PCI you got address hanging out there with zero and like that can you still be PCI comp yes I would have accepted either answer okay very good here take two all right we got a big winner H you're going to keep rolling all right HD let's get the let's get them he or all right it's a good one now this one's easy if you ever actually all right on Windows XP Service Pack 2 with no with no patches applied and

IPv6 enabled what exploits work which ones don't work and you only have to give one example of one that normally works and doesn't and does work anyway anyways and nipple counts work too [Laughter]

so all right anybody know all the framework through this any exploit works doesn't be a met can be any kind of exploit out there sorry so 67 did you say that works or doesn't work on V6 doesn't work on V6 why which one does work and why so we're halfway there so the freebie answer is MS08-067 does not work when is XP SP2 on IPv6 but it should why doesn't it and if you can get that and you can get an example of a working exploit yes sir so yes that the NetBIOS service does not bind to V6 addresses in XP excellent excellent think you win a ticket the RDP well RDP you're right it will

work but it's if it does work it will work but the one that still works though is MS03-026 DCOM so you can Blaster so you can still use the Blaster exploit on XP SP2 boxes on V6 but you can't use the Conficker bug because it won't bind NetBIOS to V6 really yeah it's weird so okay yeah we need to take some no well besides tickets I've got some other stuff to give away who who has who wants an iPad uh iPad not an iPad yeah I wish it's a new one it's the iPad 4 it's going to be real it's a 4 iner um it's a slider we'll make it a real easy question

anybody want to take a shot for this all right that was an easy question T-shirt you got an IPv6 question for a t-shirt do it so t-shirt t-shirt t-shirt okay okay um what's the equivalent of ARP IPv4 ARP and

IPv6 what are we giving it that was the best answer all day um who has what about this gentleman in the beard back here we'll give him a t-shirt question well would you rather a do you have an iPad you want kick stand for an iPad instead he come on Don't Mess with Texas he because he from my state all right how about an iPad question come who got a question you want to give him the r question because we didn't answer it did we do the first one yeah I don't think we did the first one so current percentage of IPv6 traffic on the internet on the open internet half percent half percent is pretty good

what else any any other any other guesses here say half half a percent is good I think it's 75 right now the measurements the the most recent what I saw and without the pornography zero it goes down yeah so traffic traffic so I spoke to some guys from Yahoo the other day and they said they have about 3% of their traffic is IPv6 already so it's it's and they see it they see it growing because of the connection of the could be could be Japan could be anything of like that where there people kind of use it more uh advanced mode guess so instead ofor discover correct yeah in V4 it's yeah what's the equivalent in V6 NP

NDP of ARP no okay give that shirt back NP what do you mean you can call ICMPv6 but it's still NDP IPv6 yeah same thing NDP NDP I'll give it back to same thing NDP is on top of ICMPv6 so it's layered but well it's V6 normally you just do an ICMP so I I guess ICMP does much more in so normally in V I guess in V4 I think of it as ping right but in under V6 it does many more things it discovers routers and and discovers nodes and stuff like that there's no more it's IP yeah all right um we got 120 question with HD Moore left this gentleman over here you haven't

asked one you want to do one him no behind actually you two haven't either any any of you guys Step Up you you ready if your Mana no he's ready all right give him a 20 in IPv6 what is a scope ID and what does it matter Jordan you have a question answer sorry uh scope as it applies to the socket call when you're creating a socket you have to specify the scope ID and why does that scope ID matter with some types of shellcode

all right so the thing is if on if you're using a link-local address a link-local address like fe80 something is only valid on that particular interface you can have the same link-local address on multiple interfaces on on the same machine yeah get close um so you can have the same IP on multiple interfaces on link-local so the way they differentiate those is through a scope ID parameter on the socket call which indicates which interface the socket should go through however if you're writing shellcode that's reverse connect on link-local IP the reverse connect shellcode has to know the interface number that it's running on to be able to connect back to

the machine on the link-local network so you have to guess a magic freaking number on a remote machine to make your reverse shellcode work on link-local V6 it was an easy question so oh Allan wins got it it was an easy yeah that was a well rehearsed answer all right we have a um what do I got here an iPhone 4 case does anyone have an iPhone 4 case or have an iPhone 4 that needs a case yes all right do we have any questions left what's faster what's what's faster what's faster

manual or

automatic I would go counter dropped all the

is that

correct okay I don't have any other swag to give out I don't know if anyone else wants a drink no whatever's left over we're drinking um I think that's going to bring an end to our IPv6 panel then as well as an end to bsides this year guys thanks everyone for coming [Music] you guys put on a great show enjoy deathcon um I are we GNA have some closing statements Jack yeah come on

well thank you all thank thank you guys for coming this a fantastic wrap-up panel thank you all this has been an outstanding event The Artisan has been great uh the shuttles are running a little bit longer uh if you're headed back to Rio or Caesars the the route should be leaving the back where the shuttles run from here to Rio to Caesars if anybody's headed to toxic barbecue tell the bus driver they'll run to the park and drop you off but you need to find your own way back unless you are only staying for a few minutes uh we're going to clear the place out and tear down because at 9:30 we open for the party and the party runs until

5:30 in the morning so if you're coming back over for the party there will be a shuttle bus running from Caesars to Rio here a non-stop loop only one bus uh but non-stop loop from 9:30 this evening till 5:30 tomorrow morning we have a stack of DJs and Dual Core are all lined up to uh start rolling so uh at 9:30 we hope you guys come back but thank you very much for participating and uh since we have a a team of uh sponsors up here I'd like to thank you guys again because it's fantastic thank you very much that's makes it happen and now it's time for the volunteers to uh earn their pay oh

wait we don't get paid that's right we have 15 bucks in a t-shirt 15 bucks in a t-shirt so thank you all very much as you go home find the BSides near you and uh participate there thanks we'll see you tonight love