Wednesday, July 27, 2011

Hacking IPv6 Networks

We have launched a series of in-depth, hands-one trainings about IPv6 security.

The first edition was last June, at the Hack in Paris 2011 conference in Paris, France.

The next edition will be in Sao Paulo, Brazil.

Check out the training's web site!

Tuesday, July 5, 2011

IETF RFC 6274: Security Assessment of the Internet Protocol Version 4

The IETF has published RFC 6274, entitled "Security Assessment of the Internet Protocol Version 4", which is an IETF version of the IPv4 security assessment that had been published by CPNI in 2008. The Abstract of the RFC is:

This document contains a security assessment of the IETF
specifications of the Internet Protocol version 4 and of a number of
mechanisms and policies in use by popular IPv4 implementations.  It
is based on the results of a project carried out by the UK's Centre
for the Protection of National Infrastructure (CPNI).

The RFC is available here.

Requirements for secure IPv6 deployments include better IPv6 tester tools

An article that I've authored for has just been published. It is entitled "Requirements for secure IPv6 deployments include better IPv6 tester tools". The "abstract" of the article is:
This article, which is a part of the mini learning guide, IPv6 tutorial: Understanding IPv6 security issues, threats, defenses, discusses how a number of factors, such as a lack of trained personnel and limited IPv6 support in security devices, may affect the security of IPv6 network deployments. It also explains the potential effects of those factors, and suggests possible ways to mitigate these shortcomings.
The full article is available here.

World IPv6 Day recap ( has published and article entitled "World IPv6 Day recap" which comments on the outcome of the World IPv6 Day.

I have been quoted in that article noting that many people assume that during the World IPv6 Day, everyone accessed Google and Facebook with IPv6. But that's not the case: most users still accessed those sites with IPv4, since they had no IPv6 connectivity and/or their operating systems preferred IPv4 connectivity over the IPv6 connectivity they had available.

The full article is available here.