Thursday, January 27, 2005

IPv6 Part - B-2 : Network part, also known as prefix

Now let's take a look at the different types of prefixes (and therefore address types):

- Link local address type

These are special addresses which are only valid on the link of an interface. A packet using this address as its destination will never pass through a router. They are used for link communications such as:

  • anyone else here on this link?
  • anyone here with a special address (e.g. looking for a router)?

They begin with (where "x" is any hex character, normally "0"):

fe8x: <- currently the only one in use.
fe9x:
feax:
febx:

An address with this prefix is found on each IPv6-enabled interface after stateless auto-configuration (which is normally always the case).

- Site local address type

These are addresses similar to the RFC 1918 / Address Allocation for Private Internets in IPv4 today, with the added advantage that everyone who uses this address type has the capability to use the given 16 bits for a maximum number of 65536 subnets. Comparable with the 10.0.0.0/8 in IPv4 today.
Another advantage: because it's possible to assign more than one address to an interface with IPv6, you can also assign such a site local address in addition to a global one.
It begins with (where "x" is any hex character, normally "0"):
fecx: <- most commonly used.
fedx:
feex:
fefx:

- Global address type "(Aggregatable) global unicast"

Today, there is one global address type defined (the first design, called "provider based," was thrown away some years ago, see RFC 1884 / IP Version 6 Addressing Architecture [obsolete]; you will find some remains in older Linux kernel sources).
It begins with (x are hex characters):
2xxx:
3xxx:
Note: the prefix "aggregatable" is thrown away in current drafts. There are some further subtypes defined…

- Multicast addresses

Multicast addresses are used for related services.
They always start with (y is the scope value):
ffxy:
They are split into scopes and types:

1. Multicast scopes:

Multicast scope is a parameter to specify the maximum distance a multicast packet can travel from the sending entity.
Currently, the following regions (scopes) are defined:

  • ffx1: node-local, packets never leave the node.
  • ffx2: link-local, packets are never forwarded by routers, so they never leave the specified link.
  • ffx5: site-local, packets never leave the site.
  • ffx8: organization-local, packets never leave the organization (not so easy to implement, must be covered by routing protocol).
  • ffxe: global scope.
  • others are reserved.

2. Multicast types:

There are many types already defined/reserved (see RFC 2373 / IP Version 6 Addressing Architecture for details). Some examples are:

  • All Nodes Address: ID = 1h, addresses all hosts on the local node (ff01:0:0:0:0:0:0:1) or the connected link (ff02:0:0:0:0:0:0:1).
  • All Routers Address: ID = 2h, addresses all routers on the local node (ff01:0:0:0:0:0:0:2), on the connected link (ff02:0:0:0:0:0:0:2), or on the local site (ff05:0:0:0:0:0:0:2).

3. Solicited node link-local multicast address:

Special multicast address used as the destination address in neighbor discovery, because unlike in IPv4, ARP no longer exists in IPv6.
An example of this address looks like ff02::1:ff00:1234
The prefix used shows that this is a link-local multicast address. The suffix is generated from the destination address. In this example, a packet should be sent to address "fe80::1234", but the network stack doesn't know the current layer 2 MAC address. It replaces the upper 104 bits with "ff02:0:0:0:0:1:ff00::/104" and leaves the lower 24 bits untouched. This address is now used "on-link" to find the corresponding node, which has to send a reply containing its layer 2 MAC address.

- Anycast addresses

Anycast addresses are special addresses and are used to cover things like nearest DNS server, nearest DHCP server, or similar dynamic groups. Addresses are taken out of the unicast address space (aggregatable global or site-local at the moment). The anycast mechanism (client view) will be handled by dynamic routing protocols.
Note: Anycast addresses cannot be used as source addresses; they are only used as destination addresses.

- Subnet-router anycast address:

A simple example for an anycast address is the subnet-router anycast address. Assuming that a node has the following global assigned IPv6 address:
3ffe:ffff:100:f101:210:a4ff:fee3:9566/64 <- Node's address
The subnet-router anycast address will be created by blanking the suffix (least significant 64 bits) completely:
3ffe:ffff:100:f101::/64 <- subnet-router anycast address.
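
The solicited-node and subnet-router anycast derivations described above, together with the multicast scope digit, as an added Python example (not part of the original post). The function names are illustrative; the addresses in the comments are the ones used in the text.

```python
import ipaddress

# Scope values listed in the post (ffxy: -> y); all others are reserved.
SCOPES = {0x1: "node-local", 0x2: "link-local", 0x5: "site-local",
          0x8: "organization-local", 0xE: "global"}

# Upper 104 bits of every solicited-node address: ff02:0:0:0:0:1:ff00::/104
SOLICITED_PREFIX = int(ipaddress.IPv6Address("ff02::1:ff00:0"))


def multicast_scope(addr):
    """Return the scope name encoded in the second byte of a multicast address."""
    ip = ipaddress.IPv6Address(addr)
    if ip.packed[0] != 0xFF:
        raise ValueError(f"{addr} is not a multicast address")
    return SCOPES.get(ip.packed[1] & 0x0F, "reserved")


def solicited_node(addr):
    """Keep the lower 24 bits of addr, replace the upper 104 with the prefix."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_PREFIX | low24)


def subnet_router_anycast(iface):
    """Blank the suffix (host bits) of an 'address/prefixlen' string."""
    return ipaddress.IPv6Interface(iface).network.network_address


def is_solicitation_for(mcast_dst, unicast):
    """True if a multicast destination seen on the wire targets this unicast."""
    return ipaddress.IPv6Address(mcast_dst) == solicited_node(unicast)


if __name__ == "__main__":
    node = "3ffe:ffff:100:f101:210:a4ff:fee3:9566/64"
    print(solicited_node("fe80::1234"))       # example from the text
    print(solicited_node(node.split("/")[0]))
    print(subnet_router_anycast(node))
    print(multicast_scope("ff05::2"))
```

`is_solicitation_for` is useful when reading packet captures: it ties a neighbor solicitation's multicast destination back to the unicast address being resolved.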

Monday, January 24, 2005

IPv6 Part - B-1 : Address Space Forms

I'll start with two useful questions:

Q: Why is the name IPv6 and not IPv5 as successor for IPv4?

A: On any IP header, the first 4 bits are reserved for protocol version. So theoretically a protocol number between 0 and 15 is possible:

The next free number was 6. Hence IPv6 was born!

Q: IPv6 addresses: why such a high number of bits?

A: During the design of IPv4, people thought that 32 bits were enough for the world. Looking back into the past, 32 bits were enough until now and will perhaps be enough for another few years. However, 32 bits are not enough to provide each network device with a global address in the future. Think about mobile phones, cars (including electronic devices on their CAN-bus), toasters, refrigerators, light switches, and so on... So designers have chosen 128 bits, 4 times more in length and 2^96 greater in size than in IPv4 today. The usable size is smaller than it may appear, however. This is because in the currently defined address schema, 64 bits are used for interface identifiers. The other 64 bits are used for routing. Assuming the current strict levels of aggregation (/48, /32, ...), it is still possible to "run out" of space, but hopefully not in the near future.

- Addresses without a special prefix

This is a special address for the loopback interface, similar to IPv4 with its "127.0.0.1". With IPv6, the localhost address is:
0000:0000:0000:0000:0000:0000:0000:0001 or compressed ::1

- Unspecified address

This is a special address like "any" or "0.0.0.0" in IPv4. For IPv6 it's:
0000:0000:0000:0000:0000:0000:0000:0000 or ::
These addresses are mostly used/seen in socket binding (to any IPv6 address) or routing tables.
Note: the unspecified address cannot be used as destination address.

- IPv6 address with embedded IPv4 address

1. IPv4-mapped IPv6 address:

IPv4-only IPv6-compatible addresses are sometimes used/shown for sockets created by an IPv6-enabled daemon, but only binding to an IPv4 address.
These addresses are defined with a special prefix of length 96 (a.b.c.d is the IPv4 address):
0:0:0:0:0:ffff:a.b.c.d/96 or ::ffff:a.b.c.d/96
For example, the IPv4 address 1.2.3.4 looks like this: ::ffff:1.2.3.4

- IPv4-compatible IPv6 address

Used for automatic tunneling (RFC 2893 / Transition Mechanisms for IPv6 Hosts and Routers), which is being replaced by 6to4 tunneling.
0:0:0:0:0:0:a.b.c.d/96 or ::a.b.c.d/96
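
An added example, not from the original posts: a Python classifier for the prefixes listed in Part B-2 and Part B-1, plus a filter check that unwraps IPv4-mapped addresses before matching, since a dual-stack daemon reports the IPv4 peer 1.2.3.4 as ::ffff:1.2.3.4. Function names, the sample peers and the deny-list network are assumptions made for the illustration.

```python
import ipaddress

# Prefixes from the posts, most specific first so that :: and ::1 are not
# swallowed by the IPv4-compatible ::/96 range.
PREFIXES = [
    ("unspecified", "::/128"), ("loopback", "::1/128"),
    ("ipv4-mapped", "::ffff:0:0/96"), ("ipv4-compatible", "::/96"),
    ("link-local", "fe80::/10"), ("site-local", "fec0::/10"),
    ("multicast", "ff00::/8"), ("global-unicast", "2000::/3"),
]
TABLE = [(name, ipaddress.IPv6Network(net)) for name, net in PREFIXES]


def classify(addr):
    """Return (address type, embedded IPv4 address or None)."""
    ip = ipaddress.IPv6Address(addr)
    for name, net in TABLE:
        if ip in net:
            v4 = None
            if name in ("ipv4-mapped", "ipv4-compatible"):
                v4 = ipaddress.IPv4Address(int(ip) & 0xFFFFFFFF)
            return name, v4
    return "other", None


def normalize(addr):
    """Address to match against filter rules: mapped form becomes plain IPv4."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6:
        kind, v4 = classify(addr)
        if kind == "ipv4-mapped":  # only this form stands for a real IPv4 peer
            return v4
    return ip


def blocked(addr, deny_nets):
    """True if the normalized address falls inside any deny-list network."""
    ip = normalize(addr)
    return any(ip.version == n.version and ip in n for n in deny_nets)


if __name__ == "__main__":
    deny = [ipaddress.ip_network("1.2.3.0/24")]           # constructed rule
    peers = ["::ffff:1.2.3.4", "1.2.3.4", "fe80::1234",   # constructed peers
             "3ffe:ffff:100:f101:210:a4ff:fee3:9566", "::1"]
    for p in peers:
        kind = classify(p)[0] if ":" in p else "ipv4"
        print(f"{p:42} {kind:15} blocked={blocked(p, deny)}")
```

A filter that compares the logged string against "1.2.3.4" would miss the mapped form; comparing normalized address objects catches both.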

Protect your browser from attack ads

A newly discovered security flaw in Internet Explorer 6 is being exploited by virus writers to spread a worm via online advertisements...

The bug is caused by the way iFrames – the HTML commands for displaying frames on a Web page – are processed in IE6. When you click the attack program's link, it triggers a buffer overflow error, causing the browser to fail. A clever attacker can then load his or her own program onto your PC and take over your machine. If you don't click the malicious ad, your computer will not be attacked.
People using Windows XP Service Pack 2 are not affected by the bug. Prior versions of Windows, however, from 98 through XP Service Pack 1, are vulnerable. Users should install Microsoft's patch to block potential attacks. The patch is also a cumulative update for IE, so you will get all the previous patches in this single download.

Saturday, January 15, 2005

Linux vendors release security patches

Red Hat, SuSE and Mandrakesoft have all released patches for their Linux products to fix security flaws - some of which are rated 'critical'.

Linux vendors Red Hat, Novell and Mandrakesoft on Wednesday released patches for several vulnerabilities, ranging from flaws that could allow denial-of-service (DoS) attacks to buffer overflows.

Five of the updates released were rated "highly critical" on Thursday by security information company Secunia. Red Hat released three updates, while Novell's SuSE and Mandrakesoft each released one.
SuSE issued updates to resolve flaws including a vulnerability that could allow malicious code to cause a local DoS attack using a specially created Acrobat document. The vulnerabilities would affect most SuSE Linux-based products.
Another vulnerability in the Linux system components used to route network traffic could allow a malicious person to execute a local DoS attack by inserting erroneous information into the netfilter data stream, according to SuSE.
Red Hat, meanwhile, issued a package of updates for its desktop, enterprise and advanced-workstation software.
An updated libtiff package was released to address vulnerabilities involving various integer overflows. The vulnerabilities would enable an attacker who has tricked a user into opening a malicious image file in the TIFF format to make a libtiff-related application crash or have the potential to compromise the computer with arbitrary code.
Red Hat also released updates for Xpdf packages to address a vulnerability to a potential buffer overflow. Xpdf is a stand-alone application for reading Portable Document Format documents and is also used by many Linux programs to process PDF files. This vulnerability could enable an attacker to create a PDF file that would crash Xpdf and possibly execute arbitrary code when opened, according to Red Hat's update.
Red Hat also released multiple patches to resolve flaws in its Xpm library. The XPixMap (XPM) format enables colour images to be stored in an easily portable file.
Several stack overflow flaws and an integer overflow vulnerability were found in the libXpm library, which, in turn, is used to decode XPM images. If an attacker creates an XPM file that causes an application to crash, a computer system could be compromised.
Mandrakesoft also released an update for Imlib, a standard set of code used by older versions of the GNOME desktop to process graphics.
Image-related vulnerabilities have cropped up recently in other Linux software.
Last month, a couple of Linux groups issued patches for several flaws in common Linux code used in older GNOME desktop versions for processing graphics. Those vulnerabilities could enable attackers to compromise computers that display a malicious image file.


Microsoft: DRM Trojan hole is not a vulnerability

Microsoft has responded to security warnings about its Media Player by saying that Windows XP SP2 will protect its customers from malware...

Microsoft has denied that an anti-piracy "feature" in its Windows Media Player that allows a Trojan horse to run on a user's PC is a vulnerability.

Panda Software warned earlier this week that hackers are using the player's DRM tool to fool people into downloading spyware and viruses.
The Spanish security company said that virus writers had released licence-protected multimedia files containing Trojan horses (WmvDownloader.A and WmvDownloader.B) that can exploit the anti-piracy features in version 10 of the Media Player and Windows XP SP2.
Despite Panda's warning that the Trojan can download a cocktail of malware, Microsoft denies there is a flaw in its software.
"This Trojan appears to utilise a function of the Windows Media DRM designed to enable licence delivery scenarios as part of a social engineering attack," said Microsoft in an emailed statement.
"There is no way to automatically force the user to run the malicious software. This function is not a security vulnerability in Windows Media Player or DRM."
But Microsoft didn't say whether Windows XP SP2 fully protected users from unwanted downloads.
"Internet Explorer for Windows XP SP2 helps prevent downloads from automatically launching. Users who have installed Windows XP SP2 and turned on the pop-up blocker have an added layer of defence from this Trojan's attempt to deliver malicious software," said Microsoft. The Redmond giant also said that people should go to the police if they think they have been attacked by such Trojans.

Monday, January 10, 2005

Bypass filtering method 2

Some ISPs don't allow you to connect to the known proxy servers and ports.

For those who have this problem, download JAP, then:
Install it, and let it configure your browser. Then run it from "Start->programs" and browse anywhere.

IRAN web filtering goes stupid!

...The problem is these days they're filtering so many other sites such as "Orkut". They changed their ways in web filtering.

Here is the list of proxy servers which you can use to bypass the censorship.
Enter one of these addresses into your explorer "Proxy Settings". I've checked all of them.
Another useful source for such servers to bypass censorship is here:
http://www.web.freerk.com/proxylist.htm