Insinuator


Some outright rants from a bunch of infosec practitioners.

TAG | IPv6

Apr/16

6

Security Assessment of Microsoft DirectAccess

A talk about DirectAccess (an IPv6-only VPN solution) was given by our colleague Ali Hardudi during IPv6 summit. Ali has recently finished his master thesis on this topic.
(more…)

, | Post your comment here.

Apr/16

5

Anonymization IPv6 in PCAPs – Challenges and Wins

Jasper Bongertz is a Senior Technical Consultant at Airbus Defence and Space CyberSecurity. He is focusing on IT security, Incident Response and Network Forensics.
During the IPv6 summit on Troopers16 he had given a talk on anonymization IPv6 in PCAPs and presented his new tool.
(more…)

, , | Post your comment here.

Apr/16

4

draft-vyncke-pim-mld-security

Right now, I’m in Buenos Aires for IETF95 where, amongst others, an Internet-Draft authored by Eric Vyncke, Antonios Atlasis and myself will be presented (and hopefully discussed) in two working groups. In the following I want to quickly lay out why we think this is an important contribution.

(more…)

, | Post your comment here.

Apr/16

3

Advanced IPv6 Network Reconnaissance

Fernando Gont, who is specializing in the field of communications protocols security, gave a talk during this year’s Troopers IPv6 summit. He spoke about network reconnaissance techniques in IPv6 area and presented a brand new set of tools for this purpose.
(more…)

, , | Post your comment here.

Christopher Werny leads the network security team for ERNW and since 2005 he is involved in numerous IPv6 projects where he is responsible for planning, implementation and troubleshooting existing projects. (more…)

, , | Post your comment here.

Mar/16

29

Troopers 16: Wireshark in IP version 6

Wireshark in IP version 6 workshop was a part of IPv6 summit sessions of Troopers 16. It was held by Jeffery Carrell on the second day of IPv6 summit on Tuesday, the 15th of March.  The workshop was generally divided into two sections: a short introduction to IPv6 and analyzing some IPv6 packets on Wireshark.

(more…)

, | Post your comment here.

Mar/16

29

IPv6 Security Summit – Track 2

The Troopers experience will never be the same without the “IPv6 summit”. It is one of kind of two-day special event where different security experts gather to discuss IPv6 current challenges. It addresses different topics ranging from a broad introduction of the IPv6 to how secure the protocol  is and what  the latest standards are.

The summit is divided into 2 different tracks that run simultaneously. For the first day on the second track, Christopher Werny and Rafael Schaefer have carried out the first three sessions. (more…)

, | Post your comment here.

Dear Readers of Insinuator,

tldr;This blogpost presents a measurement study of a current security state regarding to open ports on a direct comparison of IPv4 and IPv6. The study analyses almost 58,000 dual-stacked domains in order to find discrepancies in applied security policies. We further discuss the potential reasons and, more importantly, the implications of the identified differences. \tldr;

For those of you who couldn’t participate at Troopers Conference 2016 in Heidelberg or watch my talk at the IPv6 Security Summit, I want to recap some of the most important parts of my research in this blogpost.

(more…)

, | Post your comment here.

Hello,

Troopers is (unfortunately) over. It was a blast (but I may be biased ;-))! After things have settled, I want to take the opportunity to reflect my thoughts and impressions on the IPv6-only WiFi we had deployed during the conference. To make sure that everybody is on the same page let’s start at the beginning.

In the last couple of years we had provided Dual-Stack connectivity on the main “Troopers” SSID but also had an additional IPv6-only SSID. This year we decided to spice things up and made the “Troopers“ SSID IPv6-only (with NAT64) while providing Dual-Stack connectivity on the “Legacy“ SSID. We wanted to get a feeling how many clients and applications can work properly in an IPv6-only environment. We intentionally didn’t announce it vastly beforehand, hoping that attendees would just connect to the main SSID without noticing anything. We were aware that some applications might expose issues but, as I said , we wanted to get a feeling to which degree problems actually occured. (more…)

, , , , | Post your comment here.

Dear readers,

today we want to examine the behavior of Cisco devices when they receive spoofed IPv6 Neighbor Advertisement packets from an untrusted system pretending to be the default router for the local segment. We start with a quick refresher how Cisco devices behave in the legacy (IPv4) world when they receive a spoofed broadcast ARP packet containing the IP address of the device but with a different MAC address, followed by a discussion of the corresponding behavior in the IPv6 world. (more…)

, , , | Post your comment here.

Older posts >>

Contact


Mail | Twitter | Imprint

©2016 ERNW GmbH
To top