IPV6 ATTACKS AND DEFENSES - A HANDS-ON WORKSHOP presented at blackhatsummer 2014

by Christopher Werny, Rafael Schaefer,

Summary : IPv6 deployment is rising every single day. According to the statistics and trends of the Internet Society, "2013 marked the third straight year IPv6 use on the global Internet has doubled. If current trends continue, more than half of Internet users around the world will be IPv6-connected in less than 6 years." At the same time, ARIN states that they are currently in phase four of their "IPv4 Countdown Plan", while RIPE has reached its last /8 IPv4 address space quite some time ago. So, "this time it is for real." Moreover, most of the operating systems, network, and security devices (like firewalls, IDS, etc.) come with IPv6 pre-enabled. Are we ready for the IPv6-era from a security perspective?
In this workshop, various attack methods that "exploit" IPv6 design and implementation security issues will be discussed. These issues, due to their nature, affect several modern and prestigious operating systems as well as network and security devices. We willexplain and demonstrate how you can exploit IPv6-specific features for pen-testing IPv6 systems and networks. First, all the required theory regarding the changes that IPv6 brings with it and how it affects security will be presented. Then, it will be explained and demonstrated how to launch most of the known IPv6 attacks. More advanced attacks will also be presented, as well as ways of fuzzing the protocol implementation against various systems and security devices. Finally, mitigation techniques to protect your IPv6 infrastructure from these attacks will be discussed.
Only by knowing the potential IPv6 security issues shall we be able to protect it effectively. The acquired knowledge will be valuable both to penetration testers who want to test IPv6 networks as well as to network and security engineers who want to effectively protect their IPv6 networks.