[ipv6hackers] IPv6 Security research

Marco Ermini marco.ermini at gmail.com
Mon Mar 19 17:51:53 CET 2012


On 8 March 2012 17:27, Mark Lane wrote:
> Howya folks.
>
> I'm hoping to start research for a PhD later this year and I'm currently
> trying to put together a proposal. I'm interested in researching the
> security side of IPv6, but don't really have anything specific at the
> moment. So, I'm wondering if there are particular areas that all of you
> IPv6 experts think needs further research, or where there's a lack of
> research in general.

If I can give my 5 cents, what you may find interesting is also
looking into scanning and scan engines, including both vulnerability
and discovery scanning.

Currently, vulnerability scanning is performed on IPv4 by just
scanning an entire subnet and checking which hosts are alive. As you
can imagine this is infeasible on IPv6, at least on several
circumstances, because even local networks can be very large.

However, Marc Heuse has demonstrated several techniques that can be
used to narrow down the search. You could starting from his
presentation here http://www.youtube.com/watch?v=c7hq2q4jQYw and then
download the slides which you should also able to find from the same
YouTube page.

There are currently no tools and not even concepts of tools about
applying these techniques automatically, AFAIK, or at least nothing
commercially or industrially viable. If I'll had to do a PhD with
focus on IPv6, I would be very interested in this topic, not only
chiefly because it has great possibilities to become commercially
viable...


Regards
-- 
Marco Ermini
root at human # mount -t life -o ro /dev/dna /genetic/research
http://www.linkedin.com/in/marcoermini
"Jesus saves... but Buddha makes incremental back-ups!"



More information about the Ipv6hackers mailing list