[ipv6hackers] Slides from IPv6 Sec Summit
Antonios Atlasis
antonios.atlasis at gmail.com
Fri Mar 15 09:25:27 CET 2013
Hi Jim,
2013/3/15 Jim Small <jim.small at cdw.com>
> Antonios,
>
> Awesome talk! I especially like how you walked through your approach and
> provide scapy samples - very cool.
>
> ...
>
Thanks a lot Jim. Very kind of you.
> > b. whether the various vendors' implementation (from OS to
> > security/network
> > devices) meet the various standards.
>
> There are definitely some options here, at least on the wired side.
> However, Enno had a great point in his preso about being realistic with
> operational complexity. That remains a challenge.
>
Enno was a 100% right. This is the challenge, indeed.
>
>
> > c. how can we fix them to make the IPv6 world safer (the goal of
> Troopers)
>
> Interested in what everyone thinks. IMHO, short term best options are
> working with major vendors at the access layer and for security solutions.
> At the access layer (Ethernet switches, Wireless controllers, Access
> points) and for firewalls push for strong controls for extensions headers
> and fragmentation. For IDS/IPS push for good detection. Could an IPS do
> prevention without being susceptible to DoS?
>
That's a good question. It definitely needs further testing...
Take care
Antonios
More information about the Ipv6hackers
mailing list