Contributed by Organizations or Campuses; Articles, Papers, and Reports; and IPv6
IPv6 Transition Security: How IPv6 migration can rip your IPv4/NAT security
| Title: | IPv6 Transition Security: How IPv6 migration can rip your IPv4/NAT security (ID: CSD4130) | | Origin: | Contributed by Organizations or Campuses (2003) | | Type: | Articles, Papers, and Reports | | Abstract: | Imagine starting SimCity with 2128 dollars! (That's 3.4 × 1038). The number and the possibilities are staggering; the challenge becomes an efficiency issue because of the sheer size.IPv6 is a bit like that and then you add change management hurdles and the nonchalance of North American ISP's that simply do not have the pressure of their Asian and European counterparts. IPv6 thus represents many challenges, one of which must be security betterment. Some previous practical have already showed IPv6 has security issues and even recent IETF working groups meeting decided to deprecate previously accepted standards for security issues1.And the transition from IPv4, with the famed network address translator, will have to go safely for this new protocol to gain its grounds. Since there are plenty ofaddresses for all the IP-enabled computers in the world, one should expect an onslaught Migration (with a big "M"), when some critical-mass popularity is obtained, either by an unforeseen killer app or market pressure.
Transition techniques are still being tested and developed today. In an effort to bring popular acceptance from consumer markets, some of those protocols even apply to home or small office networks with NAT border devices. This paper compares the risks involved between an established Internet technique, 'Configured Tunnels', and the high appeal technique of the Teredo proposal. We shall also examine what general measures can be taken to adequately address any security risks. | | View this resource: | |
Security Implications of IPv6
| Title: | Security Implications of IPv6 (ID: CSD4129) | | Origin: | Contributed by Organizations or Campuses (2003) | | Type: | Articles, Papers, and Reports | | Abstract: | "Internet Protocol version 6 (IPv6) contains numerous features that make it attractive from a security standpoint. It is reliable and easy to set up, with automatic configuration. Huge, sparsely populated address spaces render it highly resistant to malicious scans and inhospitable to automated, scanning and self-propagating worms and hybrid threats.
IPv6 is not a panacea for security, though, because few securityproblems derive solely from the IP layer in the network model. For example, IPv6 does not protect against misconfigured servers, poorly designed applications, or poorly protected sites. In addition, IPv6 and IPv6 transitional mechanisms introduce new, not widely understood, tools and techniques that intruders can use to secure unauthorized activity from detection. These IPv6-derived efforts are often successful even against existing IPv4 networks.
Since many network administrators have yet to take advantage ofIPv6, they may be unaware of IPv6 traffic that has tunneled into their networks. Attackers are already using this potential oversight to establish safe havens for attack.
Fortunately, existing protection technology is equipped for IPv6,making protection across this emerging standard both practical and straightforward. This whitepaper discusses the security implications of IPv6 and solutions that enable administrators to protect against attacks, intrusions and backdoors that take specific advantage of the protocol." | | View this resource: | |
Pentagon Commits to IPv6
| Title: | Pentagon Commits to IPv6 (ID: CSD2883) | | Origin: | Contributed by Organizations or Campuses (2003) | | Type: | Articles, Papers, and Reports | | Abstract: | On June 13th, the Pentagon announced it is beginning a transition Internet Protocol Version 6 (Ipv6) to bring the Department of Defense (DoD) closer to its goal of net-centric warfare and operations. The new protocol will facilitate integration of the essential elements of DoD's global information grid, including its sensors, weapons, platforms, information and people. | | View this resource: | |
|
