TAG | IPv6
Jasper Bongertz is a Senior Technical Consultant at Airbus Defence and Space CyberSecurity. He is focusing on IT security, Incident Response and Network Forensics.
During the IPv6 summit on Troopers16 he had given a talk on anonymization IPv6 in PCAPs and presented his new tool.
Right now, I’m in Buenos Aires for IETF95 where, amongst others, an Internet-Draft authored by Eric Vyncke, Antonios Atlasis and myself will be presented (and hopefully discussed) in two working groups. In the following I want to quickly lay out why we think this is an important contribution.
Fernando Gont, who is specializing in the field of communications protocols security, gave a talk during this year’s Troopers IPv6 summit. He spoke about network reconnaissance techniques in IPv6 area and presented a brand new set of tools for this purpose.
0 Comments | Posted by Niki Vonderwell
Christopher Werny leads the network security team for ERNW and since 2005 he is involved in numerous IPv6 projects where he is responsible for planning, implementation and troubleshooting existing projects. (more…)
Wireshark in IP version 6 workshop was a part of IPv6 summit sessions of Troopers 16. It was held by Jeffery Carrell on the second day of IPv6 summit on Tuesday, the 15th of March. The workshop was generally divided into two sections: a short introduction to IPv6 and analyzing some IPv6 packets on Wireshark.
The Troopers experience will never be the same without the “IPv6 summit”. It is one of kind of two-day special event where different security experts gather to discuss IPv6 current challenges. It addresses different topics ranging from a broad introduction of the IPv6 to how secure the protocol is and what the latest standards are.
The summit is divided into 2 different tracks that run simultaneously. For the first day on the second track, Christopher Werny and Rafael Schaefer have carried out the first three sessions. (more…)
0 Comments | Posted by Patrik Fehrenbach
Dear Readers of Insinuator,
tldr;This blogpost presents a measurement study of a current security state regarding to open ports on a direct comparison of IPv4 and IPv6. The study analyses almost 58,000 dual-stacked domains in order to find discrepancies in applied security policies. We further discuss the potential reasons and, more importantly, the implications of the identified differences. \tldr;
For those of you who couldn’t participate at Troopers Conference 2016 in Heidelberg or watch my talk at the IPv6 Security Summit, I want to recap some of the most important parts of my research in this blogpost.
2 Comments | Posted by Christopher Werny
Troopers is (unfortunately) over. It was a blast (but I may be biased ;-))! After things have settled, I want to take the opportunity to reflect my thoughts and impressions on the IPv6-only WiFi we had deployed during the conference. To make sure that everybody is on the same page let’s start at the beginning.
In the last couple of years we had provided Dual-Stack connectivity on the main “Troopers” SSID but also had an additional IPv6-only SSID. This year we decided to spice things up and made the “Troopers“ SSID IPv6-only (with NAT64) while providing Dual-Stack connectivity on the “Legacy“ SSID. We wanted to get a feeling how many clients and applications can work properly in an IPv6-only environment. We intentionally didn’t announce it vastly beforehand, hoping that attendees would just connect to the main SSID without noticing anything. We were aware that some applications might expose issues but, as I said , we wanted to get a feeling to which degree problems actually occured. (more…)
0 Comments | Posted by Christopher Werny
today we want to examine the behavior of Cisco devices when they receive spoofed IPv6 Neighbor Advertisement packets from an untrusted system pretending to be the default router for the local segment. We start with a quick refresher how Cisco devices behave in the legacy (IPv4) world when they receive a spoofed broadcast ARP packet containing the IP address of the device but with a different MAC address, followed by a discussion of the corresponding behavior in the IPv6 world. (more…)