Currently there are no comfortable tools out which are able to check a system over network for IPv6 security issues. Neither Nessus nor any commercial security scanner is as far as I know able to scan IPv6 addresses.
ATTENTION: always take care that you only scan your own systems or after receiving a written order, otherwise legal issues are able to come up to you. CHECK destination IPv6 addresses TWICE before starting a scan.
With the IPv6-enabled netcat (see IPv6+Linux-status-apps/security-auditing for more) you can run a portscan by wrapping a script around which run through a port range, grab banners and so on. Usage example:
# nc6 ::1 daytime 13 JUL 2002 11:22:22 CEST |
NMap, one of the best portscaner around the world, supports IPv6 since version 3.10ALPHA1. Usage example:
# nmap -6 -sT ::1 Starting nmap V. 3.10ALPHA3 ( www.insecure.org/nmap/ ) Interesting ports on localhost6 (::1): (The 1600 ports scanned but not shown below are in state: closed) Port State Service 22/tcp open ssh 53/tcp open domain 515/tcp open printer 2401/tcp open cvspserver Nmap run completed -- 1 IP address (1 host up) scanned in 0.525 seconds |
Strobe is a (compared to NMap) more a low budget portscanner, but there is an IPv6-enabling patch available (see IPv6+Linux-status-apps/security-auditing for more). Usage example:
# ./strobe ::1 strobe 1.05 (c) 1995-1999 Julian Assange <proff@iq.org>. ::1 2401 unassigned unknown ::1 22 ssh Secure Shell - RSA encrypted rsh ::1 515 printer spooler (lpd) ::1 6010 unassigned unknown ::1 53 domain Domain Name Server |
Note: strobe isn't really developed further on, the shown version number isn't the right one.
If the result of an audit mismatch your IPv6 security policy, use IPv6 firewalling to close the holes, e.g. using netfilter6 (see Firewalling/Netfilter6 for more).
Info: More detailed information concerning IPv6 Security can be found here: