Forum Replies Created

Viewing 15 posts - 16 through 30 (of 45 total)
  • in reply to: What is IPv6 Site Local Address? #14003

    In IPv6, site-local addresses were designed to address hosts inside a site without using a global prefix. These addresses are equivalent to private IP addresses in IPv4. We know that in IPv4, the following blocks of addresses are used for private addressing:

    10.0.0.0 – 10.255.255.255
    172.16.0.0 – 172.31.255.255
    192.168.0.0 – 192.168.255.255

    In IPv6, a site-local address has the following format:

    1111 1110 11 | Subnet ID | Interface ID

    Here, the first 10 bits of a site-local address are 1111 1110 11. The next 54 bits are used for the subnet ID and the last 64 bits are used for the interface ID.

    In other words, the first 16 bits of a site-local address are FEC0 and the first 10 bits are 1111 1110 11. So, an IPv6 site-local address is also specified with the format FEC0::/10.

    But, please note that site-local addresses are deprecated in IPv6. Instead, unique local IPv6 unicast addresses are used. But, existing implementations sometimes still use these site-local IPv6 addresses.

    in reply to: What is FE80 in an IPv6 address? #14001

    In IPv6, a link-local address is specified with the format FE80::/10. In other words, the first 16 bits of a link-local address are always FE80.

    In IPv6, every interface has a link-local address. When a host first boots up, the IPv6 interface is assigned one link-local address. The host can use this link-local address on a single link. Later, the host may be assigned one IPv6 address manually or the host may receive one IPv6 address from a DHCP server. But, the interface will still have the link-local address.

    Using the link-local address, a host can access resources on a single link, though it won’t be able to access the Internet or resources on other links using the link-local address. And, if a router receives an IPv6 packet with a link-local address as the source or destination address, it should not forward the packet to other links.

    A link-local address has the following format:

    FE80 : 0000 : 0000 : 0000 : XXXX : XXXX : XXXX : XXXX

    Here, the last 64 bits (XXXX : XXXX : XXXX : XXXX) specify an interface ID.

    Here, the first 16 bits of a link-local address are FE80, in which the first ten bits are 1111 1110 10. So, a link-local address is also specified with the format FE80::/10.

    in reply to: What is IPv6 Link Local Address? #13999

    In IPv6, link-local addresses are used on a single link. In scenarios like automatic address configuration and neighbor discovery, these link-local addresses are used.

    Every IPv6-enabled host or router has a link-local IPv6 address on its interface. When a host boots up, it assigns an IPv6 link-local address on its interface automatically. Later, even when the interface is assigned one IPv6 address manually or the interface receives an IPv6 address from a DHCP server, the interface will still have the link-local address.

    So, if the DHCP server is not present, the hosts on a network can use link-local addresses to access local resources using IPv6, though the hosts won’t be able to access the Internet or access resources on other links using the link-local addresses. And, when a router receives an IPv6 packet with a link-local address as the source or the destination address, the router should never forward the packet to other links.

    In IPv6, a link-local address has the following format:

    FE80 : 0000 : 0000 : 0000 : XXXX : XXXX : XXXX : XXXX

    Here, the last 64 bits (XXXX : XXXX : XXXX : XXXX) specify an interface ID. Please note that the first 10 bits are 1111 1110 10, the next 54 bits are all 0s and the last 64 bits specify an interface ID.

    In other words, the prefix of a link-local address is 1111 1110 1000 0000 or fe80 and the first 10 bits are 1111 1110 10. So, a link-local address is also specified with the format FE80::/10

    in reply to: What is an IPv4 embedded IPv6 address and what format does it use? #13997

    A 128-bit IPv6 address can carry a 32-bit IPv4 address in its lower 32 bits. There are two types of IPv6 addresses that can embed an IPv4 address:

    – IPv4 Compatible IPv6 Address
    – IPv4 Mapped IPv6 Address

    An IPv4-Compatible IPv6 address has the following format:

    00000…..00000 | 0000 | IPv4 Address

    The first 80-bits are all 0s. The next 16 bits also contain all 0s. And, the last 32 bits contain the IPv4 address. But, please note that IPv4-Compatible IPv6 addresses are deprecated and no longer used.

    Instead, nowadays IPv4-Mapped IPv6 addresses are used. This type of address has the following format:

    00000…000 | FFFF | IPv4 Address

    Here, the first 80 bits are all 0s. The next 16 bits are “FFFF” and the last 32 bits contain the IPv4 address.

    in reply to: What is IPv6 Global Unicast Address? #13995

    Every interface on an IPv6 device is assigned one unicast address. The unicast address identifies the interface uniquely. When a packet is sent to a specific unicast address, the packet is received by the interface that is assigned that unicast address.

    There can be different types of IPv6 unicast addresses. An IPv6 Global Unicast Address is a routable IPv6 address that can be routed by a router and is globally reachable on the IPv6 Internet. An IPv6 Global Unicast Address is equivalent to an IPv4 public IP address.

    An IPv6 Global Unicast Address has the following format:

    | Global Routing Prefix | Subnet ID | Interface ID |

    The Global Routing Prefix is used for network routing. The Subnet ID is used for subnetting. And, the interface ID is usually 64 bits long and it identifies an interface.

    in reply to: What is IPv6 loopback address? #13993

    The IPv6 address 0:0:0:0:0:0:0:1 is called the loopback address. The loopback address is used by a node to send IPv6 packets to itself. If an IPv6 packet is sent outside a host, the loopback address should never be used as the destination address of the packet.

    If an IPv6 router receives an IPv6 packet with the loopback address as the destination address, the router should never forward the packet. And, if an interface receives an IPv6 packet with the loopback address as the destination address, the interface should drop the packet.

    in reply to: What is the unspecified address in IPv6? #13991

    The IPv6 address 0:0:0:0:0:0:0:0 is called the unspecified address. This address is never assigned to any node. But, sometimes this address is used as the source address in an IPv6 packet. For example, when a host is initializing, it can send an IPv6 packet with the unspecified address 0:0:0:0:0:0:0:0 as the source address of the packet. The packet with the unspecified address specifies that the host is initializing and it has not yet learned its own address.

    The unspecified address should never be used as the destination address of any IPv6 packet. And, if an IPv6 router receives an IPv6 packet with the unspecified address as the source address, the router should never forward the packet.
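
The address types covered in the replies above (site-local, link-local, IPv4-embedded, loopback, unspecified), as an added Python example that is not part of the original posts: it classifies an address by the prefixes quoted there and applies the forwarding rules the replies state. The function names and the sample addresses (taken from the 2001:db8::/32 and 192.0.2.0/24 documentation ranges) are assumptions made for illustration.

```python
import ipaddress

# Prefixes and special addresses as quoted in the replies above.
LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")     # first 10 bits 1111 1110 10
SITE_LOCAL = ipaddress.IPv6Network("fec0::/10")     # first 10 bits 1111 1110 11 (deprecated)
V4_MAPPED = ipaddress.IPv6Network("::ffff:0:0/96")  # 80 zero bits, FFFF, IPv4 address
V4_COMPAT = ipaddress.IPv6Network("::/96")          # 96 zero bits, IPv4 address (deprecated)
LOOPBACK = ipaddress.IPv6Address("::1")             # 0:0:0:0:0:0:0:1
UNSPECIFIED = ipaddress.IPv6Address("::")           # 0:0:0:0:0:0:0:0


def classify(text):
    """Name the address type; exact matches are tested before prefixes."""
    addr = ipaddress.IPv6Address(text)
    if addr == UNSPECIFIED:
        return "unspecified"
    if addr == LOOPBACK:
        return "loopback"
    if addr in LINK_LOCAL:
        return "link-local"
    if addr in SITE_LOCAL:
        return "site-local"
    if addr in V4_MAPPED:
        return "ipv4-mapped"
    if addr in V4_COMPAT:
        return "ipv4-compatible"
    return "other"


def embedded_ipv4(text):
    """Return the IPv4 address carried in the low 32 bits, or None."""
    if classify(text) not in ("ipv4-mapped", "ipv4-compatible"):
        return None
    low32 = int(ipaddress.IPv6Address(text)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(low32))


def forward_decision(src, dst):
    """Apply the router rules from the replies; returns (forward, reason)."""
    s, d = classify(src), classify(dst)
    if s == "unspecified":
        return False, "unspecified source"
    if d == "unspecified":
        return False, "unspecified destination"
    if d == "loopback":
        return False, "loopback destination"
    if "link-local" in (s, d):
        return False, "link-local address"
    return True, "forwardable"


if __name__ == "__main__":
    # Constructed sample packets (source, destination) for illustration.
    samples = [
        ("fe80::1234:5678:9abc:def0", "2001:db8::10"),
        ("::", "2001:db8::10"),
        ("2001:db8::10", "0:0:0:0:0:0:0:1"),
        ("2001:db8::10", "2001:db8:1::20"),
    ]
    for src, dst in samples:
        print(src, "->", dst, forward_decision(src, dst))
    print(embedded_ipv4("::ffff:192.0.2.1"))
```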

    in reply to: Creating a network which can be managed securely from outside #12243

    Yes, you can ask questions related to network security here.

    in reply to: Securing the use of IPv6 #12242

    If I understand your question, you want to create a subnet with less secured devices and want to use IPv6 at the same time. It should be possible. You can create a subnet in IPv6 also.

    An IPv6 address has 128 bits. In hexadecimal representation, we can write something like this:

    XXXX : XXXX : XXXX : XXXX : XXXX : XXXX : XXXX : XXXX

    Here, X is a hexadecimal digit, which is 4 bits long. So, XXXX is 16 bits long.

    Let’s say, X = hexadecimal A = binary 1010. So, the binary representation will be:

    1010101010101010 : 1010101010101010 : 1010101010101010 : 1010101010101010 : 1010101010101010 : 1010101010101010 : 1010101010101010 : 1010101010101010

    Now, the first 48 bits are for network routing.
    Next 16 bits are for subnetting.
    Last 64 bits are for interface IDs.

    Total: 48 + 16 + 64 = 128 bits.

    XXXX : XXXX : XXXX : XXXX : XXXX : XXXX : XXXX : XXXX

    Now, let’s say, you want to create 4 subnets. So, the binary mask for those 16 bits will be:

    1100 0000 0000 0000 = C000

    But, these are 49th to 64th bits. So, your subnet mask becomes:

    FFFF : FFFF : FFFF : C000 : 0000 : 0000 : 0000 : 0000

    • This reply was modified 6 years, 7 months ago by tsb-moderator.
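
The subnet arithmetic from the reply above, as an added Python example that is not part of the original post: it derives the number of subnet bits, the resulting mask and the subnets for a /48 site prefix, then finds which subnet a given host falls in. The site prefix 2001:db8:abcd::/48 (documentation range), the host addresses and the function names are assumptions made for illustration.

```python
import ipaddress


def plan_subnets(site_prefix, wanted):
    """Split a /48 site prefix into at least `wanted` equal subnets.

    The subnet bits come out of the 16-bit subnet field (bits 49 to 64),
    so the 64-bit interface ID is left untouched.
    """
    site = ipaddress.IPv6Network(site_prefix)
    if site.prefixlen != 48:
        raise ValueError("expected a /48 site prefix")
    if not 2 <= wanted <= 2 ** 16:
        raise ValueError("the 16-bit subnet field allows 2 to 65536 subnets")
    bits = (wanted - 1).bit_length()          # 4 subnets -> 2 bits
    subnets = list(site.subnets(prefixlen_diff=bits))
    return {
        "prefixlen": 48 + bits,
        # Written out in full so it can be compared with the mask in the post.
        "mask": subnets[0].netmask.exploded.upper(),
        "subnets": [str(net) for net in subnets],
    }


def find_subnet(host, plan):
    """Return the planned subnet that contains `host`, or None."""
    addr = ipaddress.IPv6Address(host)
    for net in plan["subnets"]:
        if addr in ipaddress.IPv6Network(net):
            return net
    return None


def same_subnet(host_a, host_b, plan):
    """True when both hosts sit in the same planned subnet."""
    net_a = find_subnet(host_a, plan)
    return net_a is not None and net_a == find_subnet(host_b, plan)


if __name__ == "__main__":
    plan = plan_subnets("2001:db8:abcd::/48", 4)
    print("prefix length:", plan["prefixlen"])
    print("mask:", plan["mask"])
    for net in plan["subnets"]:
        print("subnet:", net)
    # Constructed hosts: a laptop in the first subnet and a less secured
    # device placed in the second one.
    laptop = "2001:db8:abcd:1::10"
    camera = "2001:db8:abcd:4001::20"
    print(find_subnet(camera, plan), same_subnet(laptop, camera, plan))
```

Traffic between two of these subnets has to pass through the router, which is where filtering rules for the less secured devices can be applied.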
    in reply to: New User, checking in #12237

    Welcome to The Security Buddy, Eric. It is good to know that you find the articles helpful. Please feel free to post if you have any queries on cyber security.

    in reply to: How is scarcity used in social engineering? #12207

    People tend to want things that they think are limited in supply, exclusive or not easily available. For example, if someone goes to a shop and sees some discount is getting offered, the person is more likely to buy the item if he is told the discount is for a limited time period only or the discount ends today. And attackers often exploit this in social engineering.

    Let’s say, attackers send a phishing email to a victim. The email purportedly comes from a reputed ecommerce company and shows 60-70% discounts on some popular items. When a user falls victim and clicks on a buy now link, the victim is redirected to a fraudulent ecommerce website that looks quite similar to the original one. This is a good example of scarcity. Here attackers deceive a victim into believing that the popular items are scarce and heavily discounted.

    Another example is a phishing email that informs a victim that the victim has won some lottery or lucky draw or some prince from some country wants to share his fortune with the victim. Here attackers are deceiving a victim into believing that the offers are exclusive to the victim.

    Another good example of using scarcity in social engineering would be a phishing email that informs a victim that his account is about to be disabled and in order to prevent this happening the victim should click on a link and verify his information within 24 hrs. Here attackers create a sense of urgency by making a victim believe that the victim has only limited time in hand by which he has to provide his information and failing which his account will be disabled. Thus attackers often use the scarcity principle in creating a sense of urgency for victims.

    So, a phishing email that informs a recipient that his account is about to be disabled as his payment information could not be verified and hence the recipient should click on a link and provide his payment information within 24 hrs. is also an example of using the scarcity principle in social engineering.

    Hope this helps.

    in reply to: What is the difference between rootkit and bootkit? #11911

    A rootkit is a collection of malicious programs that give administrative access of a computer to attackers. The term “rootkit” is derived from two words “root” and “kit”. Using this malware attackers can get root level or administrative level access to a computer and hence the name.

    A rootkit can be of 4 types –

    – User-mode rootkit
    – Kernel-mode rootkit
    – Hybrid rootkit and
    – Firmware rootkit

    The details on how each type of these rootkits work can be found here https://www.thesecuritybuddy.com/preventing-rootkits/what-is-a-rootkit-and-how-to-detect-and-remove-it/

    A bootkit is a kernel-mode rootkit that can modify startup code like the Master Boot Record or MBR, Volume Boot Record or VBR and boot sector, so that the malware can run every time the computer boots. And as it infects the startup code, it becomes extremely difficult to remove this malware once it infects a computer. Sometimes reformatting and reinstallation of the infected computer is the only workaround to get rid of the malware.

    A very common example of this bootkit is Nemesis Bootkit, which infected lots of banking systems in 2015. The details of the malware can be found here https://www.thesecuritybuddy.com/malware-prevention/what-is-nemesis-bootkit/

    Hence, a bootkit is a type of rootkit that changes the operating system kernel and modifies the startup code of the system for persistence, which in turn makes this malware extremely challenging to remove.

    in reply to: How to disable browser notifications? #11906

    You can go to browser settings and disable the push notifications.

     

    In Chrome on desktop:

    Go to Settings -> Advanced -> Content Settings -> Notifications.

    You would see a list of sites that are allowed to send you notifications as well as a list of sites that are blocked. Here you can remove any website from which you do not want to get any notification. You may also want to enable “Ask before sending”, so that no website can send you notifications unless you give that website the required permission to do so.

     

    In Chrome on mobile devices:

    Go to Settings -> Advanced -> Site settings -> Notifications.

    You can disable a site here from the list of allowed sites. You may also want to enable “Ask before allowing sites to send notifications”.

     

    In Firefox:

    Go to Preferences -> Privacy and Security -> Permissions -> Notifications -> Settings.

    There you can see a list of sites that have requested to send push notifications. You can disable the sites individually or all at once. You can also enable “Block new requests asking to allow notifications”.

     

    In Safari:

    Go to Preferences -> Notifications and disable “Allow websites to ask for permission to send push notifications”.

     

    In Microsoft Edge:

    Go to Menu -> Settings -> Advanced Settings -> Website Permissions

    There you would see a list of sites that have various permissions including sending push notifications. You can turn on or off these permissions.

    You can also disable Microsoft Edge entirely from sending these notifications from system settings. You would need to go to Start Menu -> Settings -> System -> Notifications & actions. You can now scroll down to Microsoft Edge and disable it entirely from sending any notifications.

    in reply to: What is Greynet or Greyware? #11897

    The term greynet refers to software that falls in the grey area between normal software and malware. They may not be as harmful as malware but can impact the performance of computers or networks very heavily and can cause security risks. Examples include streaming media players, Peer-to-Peer file sharing software, instant messaging, RSS readers etc. Adware, spyware, keyloggers etc. also fall under greyware.

    In a corporate network, these sorts of software applications can degrade the network performance by consuming large bandwidth and pose a security risk. They can even lead to data loss or identity theft. Greynets can be difficult to detect and block also, as they may use encryption and use port agility to dynamically send and receive traffic across any open network port. And, hence they cause much concern for a corporate network.

    in reply to: How to secure router and home wireless network? #11894

    We can take the following steps to secure the router and home network:

    1. Change the default name of your home network. You can change the SSID to something that cannot be guessed so easily. For example, your SSID should not be “John’s Wi-Fi” or something that includes the name or model number of the router.

    2. Disable SSID broadcast, so that one cannot get the SSID of your home network unless one searches with the exact SSID.

    3. Change the default IP of the router. For example, if your router is accessible with the IP 192.168.0.1, you can change it to 192.168.0.89.

    4. Change the default admin password of your router. Please remember that the length of the password should be at least 12 and it should contain a combination of small letters, capital letters, numbers and special characters.

    5. Enable firewall and DDoS protection in your router.

    6. Disable WPS. Using WPS one can easily set up Wi-Fi networks by using the PIN printed on the router. This is a rarely used feature and makes the router much more vulnerable. So, it is better to disable it.

    7. Disable UPnP. UPnP is a technology that enables device-to-device networking easily. For example, you can connect a printer to the home network and other devices can connect with the printer using UPnP without needing much configuration. But, UPnP makes the router much more vulnerable to cyber attacks. It can expose control interfaces to the public Internet and allow attackers to gain control of the network. So, it is better to disable it. You would get more information here: https://www.thesecuritybuddy.com/malware-prevention/what-is-upnp-and-security-risks-of-upnp/

    8. Disable remote management of the router from outside the home network. This feature is not much needed and it can increase the possibility of intrusions. So, it is better to disable it.

    9. It is better to restrict which devices can access the router web interface by filtering the MAC address. One can go to router settings and provide a list of MAC addresses of devices that can access the web interface of the router settings.

    10. Enable HTTPS access to the router interface.

    11. Please remember to log out when you are done. You can also open the router interface using a browser in private or incognito mode, so that no cookies are left on the device once the browser closes.

    12. Disable services that you don’t need on the router. For example, you can disable SSH, HNAP etc.

    13. Enable network encryption. It is better to use WPA2. You can find more information on what WEP, WPA and WPA2 are and why WPA2 is more secure here: https://www.thesecuritybuddy.com/network-security/wep-vs-wpa-vs-wpa2/

    14. It is good to turn off home Wi-Fi when you are not at home.

    15. Update the firmware of your router regularly. The more up to date the firmware is, the fewer security vulnerabilities it has and the more secure it is.

    16. And last but not least, please configure proper firewalls on every device on your home network that connects to the Internet.
