I received a call from an old friend that I had worked with at the rail company and he suggested I talk to SANS about speaking on IPv6. After about two months of back and forth conversation, I received a ticket to San Diego and was on my way. The focus of the presentation was to education the attendees about IPv6 and the risk associated if you did nothing. When I entered the room, a room which would handle 200 people, I was expecting a large crowd. Instead we had around 30 people, some interested and some looking tired from a long day of listening to the SANS teachers.
During this presentation I spoke on:
- The current size of available targets which supported IPv6
- Showed current growth of the IPv6 Internet
- Current attack surfaces which exist
- An analysis of all published vulnerabilities at this time
- The problem with brute force scanning and how new ways will need to be created
- Examples of several attacks and a few good attack tools
All in all the presentation went well. I secretly was hoping SANS would consider me teaching a class on IPv6, but as I was told by one of the Senior management “IPv6 training is just too early”. Oh well, maybe next time.