[ipv6hackers] IPv6 security presentation at Hack.lu 2011
Jim Small
jim.small at cdw.com
Wed Sep 21 20:31:53 CEST 2011
Fernando,
This is great - thanks for sharing. If you do a 2nd version I have a few suggestions:
1) Talk about Ping-Pong problem on point-to-point interfaces/networks
2) Talk about NDP exhaustion attack/issues
Also I think this brings up two more issues:
1) IPv6 on a sizeable network will almost require an IPAM solution
2) IPv6 will essentially require DNS and for security DNSSec/Securely implemented DNS - you can't really memorize all your key IPv6 addresses like you can in IPv4. While this is obvious to anyone working with IPv6 I don't think it has hit home with the majority of network administrators who typically administer network devices by IP address.
I couldn't agree more on the education point. IPv6 is not rocket science but there are a surprising amount of those "little" details when you start implementing it.
--Jim
-----Original Message-----
From: ipv6hackers-bounces at lists.si6networks.com [mailto:ipv6hackers-bounces at lists.si6networks.com] On Behalf Of Fernando Gont
Sent: Wednesday, September 21, 2011 1:11 PM
To: IPv6 Hackers Mailing List
Subject: [ipv6hackers] IPv6 security presentation at Hack.lu 2011
Folks,
We have uploaded the slides of the IPv6 Security talk I gave at Hack.lu
2011. The slides are available at:
<http://www.si6networks.com/presentations/hacklu2011/fgont-hacklu2011-ipv6-security.pdf>
If there are any topics in the slides that that you think might benefit
from debate/discussion/brainstorming, please feel free to post to the list.
Thanks!
--
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
_______________________________________________
Ipv6hackers mailing list
Ipv6hackers at lists.si6networks.com
http://lists.si6networks.com/listinfo/ipv6hackers
More information about the Ipv6hackers
mailing list