Posts Tagged ‘IPv6 Security’

TCS – May 16 2012

May 16, 2012 Leave a comment

TCS – May 16 2012

Update Slides – Added

  1. IPv6 tunnel defenses : ICMP, Teredo, 6to4
  2. Compairing IPv4 and IPv6 ICMP packets required
  3. IPv6 Transit Policies
  4. IPv6 Local Segment Policies
  5. Avoiding IPv6 router DOS
  6. New techniques for scanning IPv6 networks

The Need for IPv6

December 15, 2008 Leave a comment

As new technology is imagined, designed, implemented, deployed and maintained, there is a time when security begins to have importance. With most technologies, security is an add-on, inserted during the maintenance cycle, therefor leaving a gap for attackers to exploit in the process. Even technologies with built in security have suffered, due to a lack of understanding of that technology or the importance of security.

IPv6 is no exception, by default IPv6 has been ‘accidentally’ implemented in the majority of modern operating systems and appliances. Below is a history of device deployments:

•    OpenBSD / NetBSD / FreeBSD
•    Linux 2.1.6 Kernel

•    AIX 4.2

•    Window 95/98/ME/NT 3.5/NT 4.0
•    Microsoft 2000
•    Solaris 2.8

•    Cisco IOS (12.x and Later)

•    Juniper (5.1 and Later)
•    IBM z/OS
•    Apple OS/10.3
•    Microsoft XP
•    Linux 2.4 Kernel
•    AIX 6
•    IBM AS/400

•    Linksys Routers (WRT54G – Mindspring)
•    Cell Phone – Microsoft CE 5.0 or greater
•    Solaris 2.10
•    Linux 2.6 Kernel

•    Apple Airport Extreme
•    Cell Phone – BlackBerry
•    Microsoft Vista
•    HP-UX 11iv2
•    Open VMS
•    Macintosh OS/X Leopard

Categories: IPv6 Tags: ,

IPv6: Security concerns

October 13, 2008 Leave a comment

IPv6: Security concerns

Another podcast with

Network Security Concept Review – IPv6 Conference, Arlington Va

January 12, 2006 Leave a comment

This two day conference was composed of the most brilliant IPv6 engineers and management anywhere. I provided a two part presentation mapping current security threats and defenses onto the evolving IPv6 threat landscape and providing a mapping of security product requirements to the rather small listing of products available at this time.

Network Security Concept Review II and the IPv6 Security Tools from both sides are the name of the decks. All in all it was a very interesting and fun event for an IPv6 security geek.