Test your IPv6 connectivity


This site requires JavaScript, as well as the ability to pull in cross-site scripts, in order to test your IPv6 connectivity.

If this message does not go away, it means that JavaScript has been disabled, either by a plugin or extension in your browser or by an explicit browser setting.

Do you use NoScript? If you use this Firefox add-on, you’ll need to “Temporarily allow all this page”. You will need to do this twice for everything to work. Alternately, disable NoScript entirely until you are done with this site.

You can opt instead to view the simple test, which will give you a quick pass/fail for IPv4, IPv4+IPv6, and IPv6. It will however offer little diagnostic information.

  • For the Help Desk
  • Summary
  • Tests Run

Site configuration issue: bad or missing /site/config.js

IPv6 Test

How this test works: Your browser will be instructed to reach a series of URLs. The combination of successes and failures tells a story about how ready you are for when publishers start offering their websites on IPv6.

  • Test for Dual Stack DNS and large packet – ok (0.041s) using proxied ipv4
  • Test IPv4 without DNS – timeout (11.606s)
  • Test IPv6 without DNS – bad (0.017s)
  • Test IPv6 large packet – bad (0.034s)
  • Test if your ISP’s DNS server uses IPv6 – bad (2.003s)
  • Find IPv4 Service Provider – ok (0.048s) using ipv4 ASN 7941
  • Find IPv6 Service Provider – timeout (5.863s)

IPv6 Test Summary

  • New casino online – Test with IPv4 DNS record – ok (0.022s) using proxied ipv4
  • Yahoo – Test with IPv6 DNS record – timeout (10.939s)
  • Amazon – Test with Dual Stack DNS record – ok (0.039s) using proxied ipv4

Requirements

  • Your IPv4 address on the public Internet appears to be 201.231.125.112
  • Your Internet Service Provider (ISP) appears to be INTERNET
  • No IPv6 address detected
  • We have detected that you are using a proxy. This means we are testing your proxy server, not your computer.
  • When a publisher offers both IPv4 and IPv6, your browser appears to be happy to take the IPv4 site without delay.
  • Connections to IPv6-only sites are timing out. Any website that is IPv6 only, will appear to be down to you.
  • To ensure the best Internet performance and connectivity, ask your ISP about native IPv6.
  • Connections to URLs with IP addresses appear to be blocked; perhaps by a web filter such as ‘NoScript’ or ‘RequestPolicy’ installed into your browser, or filtering in your proxy server. This limits some of the functionality of this test site.

FAQ: IPv6 connectivity

Frequently Asked Questions (FAQ) page is available for your exact set of results. Please read it before leaving comments; many questions have already been answered. If you still have questions, comments, or concerns, feel free to use this form. If reporting a problem with the test, or requesting help with your results, please fill out all requested information to the best of your ability. If leaving general comments, use your best judgment on how much to report.

Technical explanation of The MySpace Worm

Also called the “Samy worm” or “JS.Spacehero worm” (released October 4)
Click here to read the entertaining story of the development, release, and ensued hilarity of The MySpace Worm

Please note that this code and explanation were only released AFTER MySpace resolved this.
None of this would work on MySpace at the time it was released and it will not work now. Otherwise, there would have been mayhem.
Now, let’s talk more about the problems encountered, workarounds, and how it worked in general.

  1. Myspace blocks a lot of tags. In fact, they only seem to allow <a>, <img>s, and <div>s…maybe a few others (<embed>’s, I think). They wouldn’t allow <script>s, <body>s, onClicks, onAnythings, href’s with javascript, etc…However, some browsers (IE, some versions of Safari, others) allow javascript within CSS tags. We needed javascript to get any of this to even work.
    Example: <div style=”background:url(‘javascript:alert(1)’)”>
  2. We couldn’t use quotes within the div because we had already used up single quotes and double quotes already. This made coding JS very difficult. In order to get around it, we used an expression to store the JS and then executed it by name.
  3. Example: <div id=”mycode” expr=”alert(‘hah!’)” style=”background:url(‘javascript:eval(document.all.mycode.expr)’)”>
  4. Sweet! Now we can do javascript with single quotes. However, myspace strips out the word “javascript” from ANYWHERE. To get around this, some browsers will actually interpret “java\nscript” as “javascript” (that’s java<NEWLINE>script).
  5. Example: <div id=”mycode” expr=”alert(‘hah!’)” style=”background:url(‘javascript:eval(document.all.mycode.expr)’)”>
  6. Okay, while we do have single quotes working, we sometimes NEED double-quotes. We’ll just escape quotes, e.g., “foo\”bar”. Myspace got me…they STRIP OUT all escaped quotes, whether single or double. However, we can just convert decimal to ASCII in javascript to actually produce the quotes.
  7. Example: <div id=”mycode” expr=”alert(‘double quote: ‘ + String.fromCharCode(34))” style=”background:url(‘javascript:eval(document.all.mycode.expr)’)”>
  8. In order to post the code to the user’s profile who is viewing it, we need to actually get the source of the page. Ah, we can use document.body.innerHTML in order to get the page source which includes, in only one spot, the ID of the user viewing the page. Myspace gets me again and strips out the word “innerHTML” anywhere. To avoid this, we use an eval() to evaluate two strings and put them together to form “innerHTML”.
  9. Example: alert(eval(‘document.body.inne’ + ‘rHTML’));

Copyright (C) namb.la