Just some small updates to the scripts that generate the lists of IETF Drafts and RFCs. A few bug fixes mean that especially with the RFCs they should cross-link better when it comes to updates and obsoletes.
Bad Dockerfile Image now available
A pre-built Bad Dockerfile image is now available from Docker Hub. Just do a ‘docker pull imiell/bad-dockerfile’ and it’s all yours.
Introducing Bad Dockerfile
After a chat with Ian Miell who was having issues testing out various Docker image scanners I’ve created the Bad Dockerfile project. This is a simple utility which is made of vulnerable software with known CVEs. The idea is you can run it against various Docker image scanners and see which CVEs it catches and which ones it doesn’t. Give it a go and let me know.
Updated RFCs
Added some new RFCs today including:
-
rfc7739: Security Implications of Predictable Fragment Identification Values
-
rfc7721: Security and Privacy Considerations for IPv6 Address Generation Mechanisms
-
rfc7610: DHCPv6-Shield: Protecting against Rogue DHCPv6 Servers
-
rfc7381: Enterprise IPv6 Deployment Guidelines
-
rfc7219: SEcure Neighbor Discovery (SEND) Source Address Validation Improvement (SAVI)
Ping
The site is still kicking (despite the lack of updates from me). I think it’s becoming more of a historical artefact its self than reporting on on-going events. The RFC and Draft RFC list updates are kept up to date as that happens automatically but I probably need to do a scan for anything new. I’ve been going though and removing all the dead links which unfortunately are adding up ! I do have a local copy of everything on the site but just need to figure out if me hosting the content is the best way forward.
Still Alive
I know it’s been a little while since the last update but I’m still trying to keep the site alive with some relevant content. I’ve just removed some dead links and also included RFC7113 on RA-Guard. In addition to this added a bunch of more recent whitepapers from the 2011-13 North American IPv6 Summit meetings as well as DEFCON.
Tools update
The security tools section has now been updated to separate out the more attack specific tools and this list has also been updated. In addition to this there are some minor RFC and IETF-Drafts updates.
Minor RFC Updates
Some minor RFC updates to rfc1788, rfc6890, rfc6918 and rfc6946.
Draft Updates
Some more draft updates including:
- draft-gont-6man-predictable-fragment-id-03.txt
- draft-gont-opsec-ipv6-host-scanning-02.txt
- draft-gont-opsec-ipv6-implications-on-ipv4-nets-02.txt
- draft-ietf-6man-oversized-header-chain-02.txt
- draft-ietf-v6ops-ra-guard-implementation-07.txt
- draft-macaulay-6man-packet-stain-01.txt
Housekeeping and Updates
Quite a few updates today including some housekeeping and removal of some dead links. The general round of updates on RFCs and IETF drafts was also done to make sure they are all the latest versions. Added some whitepapers from 2011 and a new toolkit for security assessments of IPv6.