[ipv6hackers] Ipv6hackers Digest, Vol 5, Issue 14

vishwas Rudramurthy vshwsr at gmail.com
Tue Nov 29 15:11:48 CET 2011 

Hi Jose,

I would like to be part of paper review.

Thanks,
Vishwas

On Tuesday, November 29, 2011,  <ipv6hackers-request at lists.si6networks.com>
wrote:
> Send Ipv6hackers mailing list submissions to
>        ipv6hackers at lists.si6networks.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>        http://lists.si6networks.com/listinfo/ipv6hackers
> or, via email, send a message with subject or body 'help' to
>        ipv6hackers-request at lists.si6networks.com
>
> You can reach the person managing the list at
>        ipv6hackers-owner at lists.si6networks.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Ipv6hackers digest..."
>
>
> Today's Topics:
>
>   1. Re: reviewers needed for an IEEE special issue on Internet
>      Infrastructure Security (Joe Klein)
>   2. Re: reviewers needed for an IEEE special issue on Internet
>      Infrastructure Security (Jose Nazario)
>   3. Re: my IPv6 insecurity slides (Cameron Byrne)
>   4. Re: my IPv6 insecurity slides (Leinweber, James)
>   5. Re: my IPv6 insecurity slides (Doug Barton)
>   6. Re: my IPv6 insecurity slides (Owen DeLong)
>   7. Re: my IPv6 insecurity slides (Fernando Gont)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 28 Nov 2011 07:57:34 -0500
> From: Joe Klein <jsklein at gmail.com>
> To: IPv6 Hackers Mailing List <ipv6hackers at lists.si6networks.com>
> Subject: Re: [ipv6hackers] reviewers needed for an IEEE special issue
>        on Internet Infrastructure Security
> Message-ID:
>        <CAP032TvGX=oXpoAoLTpqqO14_b0peBAbRWH40VVhSiWYeRo+zA at mail.gmail.com
>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Jose,
>
> I have time to review papers.
>
> Joe Klein
> jsklein at gmail.com
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 28 Nov 2011 14:27:34 -0500
> From: Jose Nazario <jose at arbor.net>
> To: IPv6 Hackers Mailing List <ipv6hackers at lists.si6networks.com>,
>        JOSE NAZARIO <jose at arbor.net>
> Subject: Re: [ipv6hackers] reviewers needed for an IEEE special issue
>        on      Internet Infrastructure Security
> Message-ID: <09F6D23D-141F-4A9B-9ED1-23BE0965C977 at arbor.net>
> Content-Type: text/plain; charset=us-ascii
>
> ok thanks everyone, i'm all set!
>
> On Nov 27, 2011, at 11:14 AM, JOSE NAZARIO wrote:
>
>> folks
>>
>> i'm a guest editor for an upcoming IEEE S&P special issue on Internet
Infrastructure Security:
>>
>>       http://www.computer.org/portal/web/computingnow/spcfp4
>>
>> i'm short on reviewers who know IPv6. if you would like to review
academic articles please send me a note off-list. this will put you in the
IEEE system (you don't need to be a member, a subscriber, etc to review)
for possible future review assignments. you can decline any and all papers
that come your way.
>>
>> thank you.
>>
>> _____
>> Jose Nazario, Ph.D.
>> Manager of Security Research, Arbor Networks
>> jose at arbor.net
>> _______________________________________________
>> Ipv6hackers mailing list
>> Ipv6hackers at lists.si6networks.com
>> http://lists.si6networks.com/listinfo/ipv6hackers
>
> _____________________________
> jose nazario, ph.d. jose at arbor.net
> sr. manager of security research, arbor networks
> blog:    http://asert.arbor.net/
> twitter: @arbornetworks
>
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 28 Nov 2011 11:49:32 -0800
> From: Cameron Byrne <cb.list6 at gmail.com>
> To: IPv6 Hackers Mailing List <ipv6hackers at lists.si6networks.com>
> Subject: Re: [ipv6hackers] my IPv6 insecurity slides
> Message-ID:
>        <CAD6AjGSzDWABe=cL02RavWVAaQm8oaH_V51748uCkp9a59wfFg at mail.gmail.com
>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On Mon, Nov 28, 2011 at 12:18 AM, Beat Rubischon <beat at 0x1b.ch> wrote:
>> Hi Fred!
>>
>> On 26.11.11 01:22, Frederic Bovy wrote:
>>> Le 25 nov. 2011 ? 05:55, Marc Heuse a ?crit :
>>
>>>> But anybody who introduces IPv6 in the internal network without a
>>>> business need should be fired. for a waste of human resource, harder
>>>> troubleshooting, more error prone networks - and increased security
risks.
>>> Do you recommend ?Application Layer Proxies, ?NAT46 or NAT-PT for these
users ?
>>
>> It's really a good question. Today we have good rules of thumb how to
>> operate a company IPv4 network. Use a NAT firewall, internal DHCP and
>> DNS, probably some ActiveDirectory and Exchange. This is the "way to go".
>>
>> When deploying IPv6 in such an environment you have a bunch of open
>> questions:
>>
>> - How to convince the management the firewall is working?
>> - How to convince the users their privacy is guaranteed?
>> - How to handle DNS? Expose the internal DNS to the IPv6 world? Fake PTR
>> records for the external world? Don't care about name resolution?
>> - What about all those Windows 2003 and XP based systems? Run them IPv4
>> only and hope the ActiveDirectory won't fail?
>>
>> I'm running my home network dual stack for more then 6 years. An
>> "academic like setup" where most of my boxes have public IPv4/IPv6
>> addresses. But the upper questions stops me from deploying IPv6 in my
>> employers network...
>>
>> The only way I see currently is a deployment in large scale companies
>> where the border between the internet and the internal network is
>> already realized by proxies. You have a clean separation between the
>> internal infrastructure and the world. You may start by enabling the
>> proxies to ask for IPv6 content - you may start by enabling RFC4193
>> addresses inside. But for the classic small company with one to a few
>> hundreds employees? No chance. You will be a trendsetter which will make
>> a lot of mistakes and invest a lot of time and money.
>>
>> But of course, the main motivation is missing. There is no need to run
>> IPv6. No content is IPv6 _only_. Additional there is no longer a need to
>> be reachable to provide content to the internet - just post your holiday
>> pictures on one of the famous Web2.0 services. The people learned to
>> accept to be NATed from their fancy mobile devices. They learned that
>> they have to roll out a VPN when accessing their office documents.
>>
>> The migration to IPv6 was probably started to late. It is basically
>> killed by Web2.0 (the second "new internet") and the smartphones.
>>
>
> trying to resist the need to send email....giving up...
>
> I would say the Smartphones on IPv6 are one of the reasons to go to IPv6.
>
> It is not servers (content) running out of IPv4 addresses that is the
> issue.  It is that the network edge of eyeballs that is growing
> fast... More people are coming online and more people have 2,3,4
> devices that need IP addresses.
>
> People will not go to IPv6 to access new and better content.
>
> People (eyeballs) will be given IPv6 addresses because IPv4 has
> (already) run out.
>
> Content folks will want to provide parity to IPv4, IPv6, and
> dual-stack eyeballs, so that is why content will go to IPv6.
>
> User go to IPv6 because they have no choice (addresses run out, many
> people, many devices)
>
> Content go to IPv6 to reach the users.
>
> done and done.
>
>> I assume IPv6 will stay a toy for geeks like us. The 99% will be happy
>> when their ISPs annouces "hey, from tomorrow you are firewalled" and
>> accept that a public IP will cost some additional $$$. They won't care
>> about it and we'll have enough address range for the next years.
>>
>> Sounds a bit disaffected? Yes. Hopefully the world will tell me the
>> contrary :-)
>>
>> Beat
>>
>> --
>> ? ? \|/ ? ? ? ? ? ? ? ? ? ? ? ? ? Beat Rubischon <beat at 0x1b.ch>
>> ? ( 0-0 ) ? ? ? ? ? ? ? ? ? ? ? ? ? ? http://www.0x1b.ch/~beat/
>> oOO--(_)--OOo---------------------------------------------------
>> Meine Erlebnisse, Gedanken und Traeume: http://www.0x1b.ch/blog/
>> _______________________________________________
>> Ipv6hackers mailing list
>> Ipv6hackers at lists.si6networks.com
>> http://lists.si6networks.com/listinfo/ipv6hackers
>>
>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 28 Nov 2011 14:00:43 -0600
> From: "Leinweber, James" <jim.leinweber at slh.wisc.edu>
> To: "IPv6 Hackers Mailing List" <ipv6hackers at lists.si6networks.com>
> Subject: Re: [ipv6hackers] my IPv6 insecurity slides
> Message-ID:
>        <
1298E81544388440ADBE9B0072AABD810BF2A254 at slhmail2003.ad.slh.wisc.edu>
> Content-Type: text/plain; charset=us-ascii
>
> Cameron Byrne:
>> [Users go to IPv6 because they have no choice (addresses run out, many
>> people, many devices)
>>
>> Content [providers] go to IPv6 to reach the users.
>
> Exactly, though the IPv4 exhaustion pinch will bite sooner in
> Eurasia (2/3 of world population) than in the A's (North America,
> South America, Africa).
>
> What I've been telling folks in Wisconsin at the IPv6 talks I do is that
> the people who need to be in a hurry providing externally facing
> IPv6 (DMZ services, particularly web and DNS, but not yet e-mail) are
> the ones with:
>
> * Asian users
> * Asian supply chains
> * Mobile users
> * National IT contracts, where it often is mandated
>
> In the Wisconsin these puts state agencies and small businesses
> as laggards, who are moving very slowly, if at all.  Colo providers,
> multinationals, and people seeking competitive advantage by
> being early adopters are all moving much faster.  I wish our ISP's
> were moving faster.
>
> -- Jim Leinweber
> State Laboratory of Hygiene, University of Wisconsin - Madison
> <jim.leinweber at slh.wisc.edu>       phone +1 608 221 6281
> PGP fp: D573 AF7D F484 EE2A F0B6  B7DB A870 7518 F87D A0D1
>
>
>
>
>
>
> ------------------------------
>
> Message: 5
> Date: Mon, 28 Nov 2011 14:22:01 -0800
> From: Doug Barton <dougb at dougbarton.us>
> To: IPv6 Hackers Mailing List <ipv6hackers at lists.si6networks.com>
> Subject: Re: [ipv6hackers] my IPv6 insecurity slides
> Message-ID: <4ED40989.7010200 at dougbarton.us>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 11/28/2011 11:49, Cameron Byrne wrote:
>> I would say the Smartphones on IPv6 are one of the reasons to go to IPv6.
>
> For the content providers, sure. I thought we were talking about
> SOHO/Enterprise networks?
>
> It's not just "IPv6 all the way down," context is important. :)
>
>
> Doug
>
> --
>
>                "We could put the whole Internet into a book."
>                "Too practical."
>
>        Breadth of IT experience, and depth of knowledge in the DNS.
>        Yours for the right price.  :)  http://SupersetSolutions.com/
>
>
>
> ------------------------------
>
> Message: 6
> Date: Mon, 28 Nov 2011 14:51:11 -0800
> From: Owen DeLong <owend at he.net>
> To: IPv6 Hackers Mailing List <ipv6hackers at lists.si6networks.com>
> Subject: Re: [ipv6hackers] my IPv6 insecurity slides
> Message-ID: <6A5C8509-5013-4CF4-A4CC-B1C766F24653 at he.net>
> Content-Type: text/plain; charset=us-ascii
>
>
> On Nov 28, 2011, at 2:22 PM, Doug Barton wrote:
>
>> On 11/28/2011 11:49, Cameron Byrne wrote:
>>> I would say the Smartphones on IPv6 are one of the reasons to go to
IPv6.
>>
>> For the content providers, sure. I thought we were talking about
>> SOHO/Enterprise networks?
>>
>> It's not just "IPv6 all the way down," context is important. :)
>>
>
> I certainly was talking about enterprise. Simple reality is that by the
time significant
> web sites are forced to IPv6-only (which is closer than I think many
believe),
> enterprises without IPv6 capabilities will be at a disadvantage playing
catch up.
>
> As I said, IPv6-only content (which is coming in spite of claims to the
contrary)
> is only one of several reasons I already elicited for enterprises to
deploy IPv6
> sooner rather than later.
>
> Owen
>
>
>
> ------------------------------
>
> Message: 7
> Date: Mon, 28 Nov 2011 17:45:08 -0600
> From: Fernando Gont <fgont at si6networks.com>
> To: IPv6 Hackers Mailing List <ipv6hackers at lists.si6networks.com>
> Subject: Re: [ipv6hackers] my IPv6 insecurity slides
> Message-ID: <4ED41D04.4050106 at si6networks.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 11/28/2011 04:51 PM, Owen DeLong wrote:
>> As I said, IPv6-only content (which is coming in spite of claims to the
contrary)
>> is only one of several reasons I already elicited for enterprises to
deploy IPv6
>> sooner rather than later.
>
> Could you name five sites with IPv6-only content? (disclaimer: please
> avoid "ipv6.*")
>
> Thanks,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont at si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
>
> ------------------------------
>
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers
>
>
> End of Ipv6hackers Digest, Vol 5, Issue 14
> ******************************************
>

-- 
VISHWAS R

More information about the Ipv6hackers mailing list