摘要
为增强用户IPv6地址的隐私性,苹果生态操作系统(包括macOS、iOS和iPadOS)节点使用随机接口标识符和临时IPv6地址。此外,因苹果移动终端节点协议支持和防火墙配置的特殊性,导致现有本地链路IPv6地址扫描技术存在IPv6地址扫描结果完整度低、缺乏对移动终端节点支持的问题。为此,提出一种基于主机标识符关联的双栈节点IPv6地址快速扫描技术(HScan6)。首先通过地址解析协议(ARP)扫描获取本地链路中活跃的IPv4地址,然后通过DNS服务发现(DNS-SD)协议获取与活跃IPv4地址相关联的主机标识符;接着使用组播DNS(mDNS)协议获取与主机标识符相关联的IPv6地址;最后利用互联网控制报文协议第六版(ICMPv6)差错报告功能对同一主机的不同全球单播地址进行分类,以区分永久和临时IPv6全球单播地址。构建了一个由4个桌面版本(macOS)和6个移动版本(iOS和iPadOS)苹果生态操作系统组成的典型IPv6本地链路环境,将HScan6同两个基于双栈关联的IPv6地址扫描方法LLMNR6和LinkScan6及Nmap工具的4个IPv6地址扫描脚本进行比较。实验结果表明,LLMNR6和LinkScan6无法有效扫描到这些节点的IPv6地址,而与Nmap的4个脚本相比,HScan6可额外扫描多达20个IPv6地址,有效提升了IPv6地址扫描结果的完整度。此外,具体到单个苹果生态操作系统,HScan6可额外多检测1~2个IPv6全球单播地址。
To enhance the privacy of user IPv6 addresses,Apple ecosystem operating system(including macOS,iOS and iPadOS)nodes employ random interface identifiers and temporary IPv6 addresses.Moreover,the unique protocol support and firewall configurations of Apple’s mobile terminal nodes contribute to the existing deficiencies in local link IPv6 address scanning technologies,characterized by low completeness of scanning results and a lack of support for mobile terminal nodes.To address the aforementioned issues,this paper proposed a novel technology named HSacn6,which was based on host identifier-associated dual-stack node IPv6 address rapid scanning technology.Initially,HScan6 conducted an address resolution protocol(ARP)scan to identify active IPv4 addresses within the local network.Subsequently,it utilized the domain name system ser-vice discovery(DNS-SD)protocol to retrieve the host identifiers associated with these active IPv4 addresses.Then,it employed the multicast DNS(mDNS)protocol to obtain the IPv6 addresses associated with the host identifiers.Finally,using the error reporting function of Internet control message protocol version 6(ICMPv6),different global unicast addresses of the same host were classified to distinguish between permanent and temporary IPv6 global unicast addresses.To validate the effectiveness and advancement of the HScan6 technology,this study constructed a typical on-line IPv6 network environment comprising 4 desktop versions(macOS)and 6 mobile versions(iOS and iPadOS)of the Apple ecosystem operating system.In this network environment,HScan6 was compared with two dual-stack-associated IPv6 address scanning methods,LLMNR6 and LinkScan6,and 4 IPv6 address scanning scripts from the Nmap tool.The experimental results indicate that LLMNR6 and LinkScan6 are unable to effectively scan the IPv6 addresses of these nodes.In contrast,when compared with the 4 scripts from Nmap,HScan6 could additionally scan up to 20 IPv6 addresses,significantly enhancing the completeness of the IPv6 address scanning re
作者
方亚开
张连成
郭毅
张宏涛
程兰馨
Fang Yakai;Zhang Liancheng;Guo Yi;Zhang Hongtao;Cheng Lanxin(School of Cyber Science&Engineering,Zhengzhou University,Zhengzhou 450001,China;Network Management Center,Zhengzhou University,Zhengzhou 450001,China;College of Cyberspace Security,Information Engineering University,Zhengzhou 450002,China)
出处
《计算机应用研究》
CSCD
北大核心
2024年第12期3772-3776,共5页
Application Research of Computers
基金
河南省重点研发与推广专项(科技攻关)项目(232102210135,212102310989)
河南省自然科学基金资助项目(242300421415)
河南省高等学校重点科研资助项目(22A520044)。
