Cisco

Discovering temporary IPv6 Global-Unicast Addresses (Privacy Extensions) with PowerShell

By on ( Leave a comment )

In this article I would like to enlight the purpose of temporary IPv6 addresses. By default, automatic IPv6 setup of Link-Local Addresses is activated on each IPv6 enabled device. This makes IPv6 addresses easy to identify and track, because they are generated from the MAC Address. If there wouldn’t be the privacy extensions that generate IPv6 addresses via random numbers.

They also change on a regular basis, so that nothing stands in the way of privacy when surfing the Internet.

Privacy Extensions

This happens in fact of the Stateless Address Autoconfiguration (SLAAC). In addition to the IPv6 addresses which are usually assigned by the Internet Service Provider there is also another address. This is the temporary address and is used for communication to the Internet. We’re talking about this one shown with Get-NetIPAddress or ipconfig:

Get-NetIPAddress -AddressFamily IPv6 -PrefixOrigin RouterAdvertisement | Select IPAddress,SuffixOrigin,PrefixOrigin
ipconfig

1.PNG

Don’t get distracted by ipconfig, but concentrate to the first command. With Get-NetIPAddress we can see two IPv6 Global Unicast Addresses which are both routable on the internet. But they differ. The first one is random. It’s the temporary IPv6 Global Unicast Address.

If you cannot find it on your system, then IPv6 is probably not activated, which usually means that except for the link-local address (fe80:::) all other IPv6 addresses are missing. Well, not every city is as modern as Vienna. 😎 Netherless, I would be glad if you keep up reading my article. It will become interesting – with or without a temporary address.

The Test

Well, the theory is that I’m going on the Internet with the random generated IP.  I’ll try it out right away.

2.PNG

3.PNG

Quod erat demonstrandum.

Deactivate Privacy Extensions

For some reason you might want to deactivate this feature. Well then, open Windows PowerShell and run

Set-NetIPv6Protocol -RandomizeIdentifiers Disabled
Set-NetIPv6Protocol -UseTemporaryAddresses Disabled
Restart-Computer -Force

After a restart the temporary address has disappeared and we go out with the “real” IP. Courage can’t be bought. 😉

4.PNG

Conclusion

Privacy Extensions are used for protection when surfing the Internet. Since Windows does not calculate IPv6 addresses from the MAC address, but from random numbers, traceability is anyway not possible on Windows systems (Windows Vista and higher) with or without a temporary address.

More about IPv6 and RandomIdentifiziers on Windows Operating Systems here:

https://technet.microsoft.com/en-us/library/dd392266(v=ws.10).aspx

Categories: Cisco, Cyber Security, Windows 10, Windows Server

Tagged as: , , , ,

Published by Patrick Gruenauer

Microsoft MVP on PowerShell [2018-2023], IT-Trainer, IT-Consultant, MCSE: Cloud Platform and Infrastructure, Cisco Certified Academy Instructor.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.