SlideShare ist ein Scribd-Unternehmen logo

Henrik Strøm - IPv6 from the attacker's perspective

IKT-Norge
IKT-Norge

IPv6 forum conference, Oslo 2012-04-25

Technologie
1 von 15
IPv6 – Attacker’s perspective Henrik Strøm Telenor Norway
Who am I? Henrik Strøm Head of IT Security & Telenor CERT manager Telenor Norway
Agenda • Types of networks & systems • Attacker’s point of view • Defense – What to do • Further reading
What type of network? • Home network • Office network • Coffee shop • Mobile Broadband • Datacenter • ISP networks • Mobile networks
What type of system? • Mobile phone • iPad / Tablet • Laptop • Desktop • Service • Server • RG
Point #1 – IPv6 visibility Why you don’t disappear in a vast pool of IPv6 addresses: • bgp.he.net, DNS and Google gives a good starting point • Humans use predictable names and addresses (::1) • Search space for hosts within a net is limited (~2^24) • Local multicast gives info on local hosts • Running netstat on a compromised system
Point #2 – Local attacks When the attacker is on your local network, the IPv6 security model breaks down in a bad way. It assumes that Local = Trusted! • Use IPv6 addresses to bypass IPv4 access controls • Spoof RAs to autoconfigure hosts that support IPv6 • Spoof RAs to become MITM (Gateway & DNS)
Point #3 – Internet connectivity (outbound) Do you know about all the (IPv6) traffic that is leaving your network? Including what the traffic is doing, and why it is there? IPv4 traffic towards the Internet may be tightly controlled, but is this the case for IPv6 traffic? The attacker needs tomake outbound communication. IPv6 could be his best option.
Point #4 – Internet connectivity (inbound) In some networks, a system can be made accessible from the Internet if you enable IPv6 on it. It depends on how routing and filtering is configured. How does your current IPv6 firewall rule set look? How do you handle fragments and extension headers? Sometimes IPv6 is enabled on systems by accident… or by (vendor’s) default… but without security.
Point #5 – Tunneling There are many different IPv6 tunneling mechanisms, meant to be used for transitioning from IPv4. These can be used by an attacker as well. Could give full inbound and outbound IPv6 connectivity between a compromised system and any other IPv6 host on the Internet. Unless you filter all types of IPv6 tunneling in your firewalls.
Point #6 – Denial of Service •RA flooding Can be used to kill all local Windows machines •Neighbor Cache Poisoning replying with attacker’s MAC address •Duplicate Address Detection DoS claim that all addresses are taken •RA spoofing change default router or change DNS
Defense – What to do 1. Decide and know which networks use IPv6, and for what purpose – disable it everywhere else! Both on the network and on the host 2. Monitor your networks for IPv6 traffic 3. Monitor IPv6 in your logs – e.g., (failed) logins over IPv6! 4. Decide how to do IPv6 network security on each of your networks – e.g., where to put firewalls, what to filter, etc. 5. Do IPv6 hardening of clients, servers, routers, networks, etc.
my  nm reading – Marc Heuse e  i s  … Further IPv6 Vulnerabilities, Failures - and a Future? 123 slides on IPv6 hacking http://www.ipv6hacking.info THC-IPv6 Attack Toolkit http://www.thc.org/thc-ipv6 “Critical issues are site-local only” “Security model is from 1995: local = trusted”
Further reading – Fernando Gont Recent Advances in IPv6 Security HES 2012 Conference (April 14th) http://2012.hackitoergosum.org “There's an insanely large amount of work to be done in the area of IPv6 firewalling” “Many IPv4 vulnerabilities have been re-implemented in IPv6” “Still lots of work to be done in IPv6 security”
Conclusions • IPv6 can be secured – but you must do the work! • Security is not built-in or turned on by default • Lots of security issues that you must deal with • Makes it even more important to monitor logs and analyze your network traffic • Large network segments are still a bad idea… • The attacker can use IPv6 even if you don’t!

Empfohlen

Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayEric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norway
IKT-Norge
 
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalEric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in general
IKT-Norge
 
Gabriel Paues - IPv6 address planning + making the case for WHY
Gabriel Paues - IPv6 address planning + making the case for WHYGabriel Paues - IPv6 address planning + making the case for WHY
Gabriel Paues - IPv6 address planning + making the case for WHY
IKT-Norge
 
Jan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teamsJan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teams
IKT-Norge
 
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
IKT-Norge
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
Mark Smith
 
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other ObservationsAusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
Mark Smith
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6
Private
 

Empfohlen

Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayEric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norway
IKT-Norge
 
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalEric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in general
IKT-Norge
 
Gabriel Paues - IPv6 address planning + making the case for WHY
Gabriel Paues - IPv6 address planning + making the case for WHYGabriel Paues - IPv6 address planning + making the case for WHY
Gabriel Paues - IPv6 address planning + making the case for WHY
IKT-Norge
 
Jan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teamsJan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teams
IKT-Norge
 
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
IKT-Norge
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
Mark Smith
 
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other ObservationsAusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
Mark Smith
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6
Private
 
pps Matters
pps Matterspps Matters
pps Matters
Bangladesh Network Operators Group
 
Tech f42
Tech f42Tech f42
Tech f42
SelectedPresentations
 
IPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoIPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live Demo
Digicomp Academy AG
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
srmanjuskp
 
Route Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for OperatorsRoute Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for Operators
Bangladesh Network Operators Group
 
Introduction of ipv6
Introduction of ipv6Introduction of ipv6
Introduction of ipv6
KaushikMajumder22
 
Having Honeypot for Better Network Security Analysis
Having Honeypot for Better Network Security AnalysisHaving Honeypot for Better Network Security Analysis
Having Honeypot for Better Network Security Analysis
Bangladesh Network Operators Group
 
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
Fred Bovy
 
Ipv6
Ipv6Ipv6
Ipv6
maha5960
 
Fedv6tf-fhs
Fedv6tf-fhsFedv6tf-fhs
Fedv6tf-fhs
Tim Martin
 
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I startedThings I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I started
Faelix Ltd
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
Mark Smith
 
Actual Condition Survey of Malware Download Sites for A Long Period
Actual Condition Survey of Malware Download Sites for A Long PeriodActual Condition Survey of Malware Download Sites for A Long Period
Actual Condition Survey of Malware Download Sites for A Long Period
APNIC
 
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpecОбеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Cisco Russia
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Shixiong Shang
 
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricLet's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Bangladesh Network Operators Group
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friends
Tim Martin
 
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec
APNIC
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 Lan
Jumping Bean
 
Cameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway MeetingCameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway Meeting
IPv6no
 
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaIpv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Wardner Maia
 
Unified Threat Management
Unified Threat ManagementUnified Threat Management
Unified Threat Management
Tapas Shome
 

Weitere ähnliche Inhalte

Was ist angesagt?

Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
srmanjuskp
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
Mark Smith
 
Cameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway MeetingCameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway Meeting
IPv6no
 

Was ist angesagt? (20)

pps Matters
pps Matterspps Matters
pps Matters
 
Tech f42
Tech f42Tech f42
Tech f42
 
IPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoIPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live Demo
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
 
Route Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for OperatorsRoute Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for Operators
 
Introduction of ipv6
Introduction of ipv6Introduction of ipv6
Introduction of ipv6
 
Having Honeypot for Better Network Security Analysis
Having Honeypot for Better Network Security AnalysisHaving Honeypot for Better Network Security Analysis
Having Honeypot for Better Network Security Analysis
 
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
 
Ipv6
Ipv6Ipv6
Ipv6
 
Fedv6tf-fhs
Fedv6tf-fhsFedv6tf-fhs
Fedv6tf-fhs
 
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I startedThings I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I started
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
 
Actual Condition Survey of Malware Download Sites for A Long Period
Actual Condition Survey of Malware Download Sites for A Long PeriodActual Condition Survey of Malware Download Sites for A Long Period
Actual Condition Survey of Malware Download Sites for A Long Period
 
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpecОбеспечение безопасности сети оператора связи с помощью BGP FlowSpec
Обеспечение безопасности сети оператора связи с помощью BGP FlowSpec
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
 
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricLet's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friends
 
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 Lan
 
Cameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway MeetingCameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway Meeting
 

Ähnlich wie Henrik Strøm - IPv6 from the attacker's perspective

IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
Rochester Security Summit
 
Protecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeProtecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber Crime
Lancope, Inc.
 
IPv6 Threat Presentation
IPv6 Threat PresentationIPv6 Threat Presentation
IPv6 Threat Presentation
johnmcclure00
 
Fernando Gont - The Hack Summit 2021 - State of the Art in IPv6 Security
Fernando Gont - The Hack Summit 2021 - State of the Art in IPv6 SecurityFernando Gont - The Hack Summit 2021 - State of the Art in IPv6 Security
Fernando Gont - The Hack Summit 2021 - State of the Art in IPv6 Security
EdgeUno
 

Ähnlich wie Henrik Strøm - IPv6 from the attacker's perspective (20)

Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaIpv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
 
Unified Threat Management
Unified Threat ManagementUnified Threat Management
Unified Threat Management
 
Is IPv6 Security Still an Afterthought?
Is IPv6 Security Still an Afterthought?Is IPv6 Security Still an Afterthought?
Is IPv6 Security Still an Afterthought?
 
Myles firewalls
Myles firewallsMyles firewalls
Myles firewalls
 
D017131318
D017131318D017131318
D017131318
 
Security Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration NetworksSecurity Issues in Next Generation IP and Migration Networks
Security Issues in Next Generation IP and Migration Networks
 
IPS NAT and VPN.pptx
IPS NAT and VPN.pptxIPS NAT and VPN.pptx
IPS NAT and VPN.pptx
 
Ip tables
Ip tablesIp tables
Ip tables
 
Secured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRRSecured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRR
 
Day4
Day4Day4
Day4
 
IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
 
Protecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeProtecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber Crime
 
IPv6 Threat Presentation
IPv6 Threat PresentationIPv6 Threat Presentation
IPv6 Threat Presentation
 
Fernando Gont - The Hack Summit 2021 - State of the Art in IPv6 Security
Fernando Gont - The Hack Summit 2021 - State of the Art in IPv6 SecurityFernando Gont - The Hack Summit 2021 - State of the Art in IPv6 Security
Fernando Gont - The Hack Summit 2021 - State of the Art in IPv6 Security
 
Network sec 1
Network sec 1Network sec 1
Network sec 1
 
The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)
 
G3t R00t at IUT
G3t R00t at IUTG3t R00t at IUT
G3t R00t at IUT
 
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERSVTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
 
fgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdffgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdf
 
Survey on IPv6 security issues
Survey on IPv6 security issuesSurvey on IPv6 security issues
Survey on IPv6 security issues
 

Mehr von IKT-Norge

Lars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, XenetaLars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, Xeneta
IKT-Norge
 
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
IKT-Norge
 

Mehr von IKT-Norge (20)

Lars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, XenetaLars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, Xeneta
 
Erik Stokkeland
Erik Stokkeland Erik Stokkeland
Erik Stokkeland
 
Ketil Widerberg
Ketil WiderbergKetil Widerberg
Ketil Widerberg
 
Randi Marjamaa
Randi MarjamaaRandi Marjamaa
Randi Marjamaa
 
Roar Olsen
Roar Olsen Roar Olsen
Roar Olsen
 
Eirik Norman Hansen
Eirik Norman Hansen Eirik Norman Hansen
Eirik Norman Hansen
 
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
 
Læringsanalyse – Arne Krokan
Læringsanalyse – Arne KrokanLæringsanalyse – Arne Krokan
Læringsanalyse – Arne Krokan
 
Læringsanalyse – Yngve Lindvig
Læringsanalyse – Yngve LindvigLæringsanalyse – Yngve Lindvig
Læringsanalyse – Yngve Lindvig
 
Multi Smart Øving – skjermbilder
Multi Smart Øving – skjermbilderMulti Smart Øving – skjermbilder
Multi Smart Øving – skjermbilder
 
NEO2015: Zwipe
NEO2015: ZwipeNEO2015: Zwipe
NEO2015: Zwipe
 
NEO2015: Crypho
NEO2015: CryphoNEO2015: Crypho
NEO2015: Crypho
 
NEO2015: Bartec Pixavi
NEO2015: Bartec PixaviNEO2015: Bartec Pixavi
NEO2015: Bartec Pixavi
 
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
 
NEO2015: Filmgrail
NEO2015: FilmgrailNEO2015: Filmgrail
NEO2015: Filmgrail
 
NEO2015: Home Control
NEO2015: Home ControlNEO2015: Home Control
NEO2015: Home Control
 
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
 
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
 
NEO2015: Xeneta
NEO2015: XenetaNEO2015: Xeneta
NEO2015: Xeneta
 
NEO2015: Hatteland
NEO2015: HattelandNEO2015: Hatteland
NEO2015: Hatteland
 

Kürzlich hochgeladen

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 

Kürzlich hochgeladen (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 

Henrik Strøm - IPv6 from the attacker's perspective

  • 1. IPv6 – Attacker’s perspective Henrik Strøm Telenor Norway
  • 2. Who am I? Henrik Strøm Head of IT Security & Telenor CERT manager Telenor Norway
  • 3. Agenda • Types of networks & systems • Attacker’s point of view • Defense – What to do • Further reading
  • 4. What type of network? • Home network • Office network • Coffee shop • Mobile Broadband • Datacenter • ISP networks • Mobile networks
  • 5. What type of system? • Mobile phone • iPad / Tablet • Laptop • Desktop • Service • Server • RG
  • 6. Point #1 – IPv6 visibility Why you don’t disappear in a vast pool of IPv6 addresses: • bgp.he.net, DNS and Google gives a good starting point • Humans use predictable names and addresses (::1) • Search space for hosts within a net is limited (~2^24) • Local multicast gives info on local hosts • Running netstat on a compromised system
  • 7. Point #2 – Local attacks When the attacker is on your local network, the IPv6 security model breaks down in a bad way. It assumes that Local = Trusted! • Use IPv6 addresses to bypass IPv4 access controls • Spoof RAs to autoconfigure hosts that support IPv6 • Spoof RAs to become MITM (Gateway & DNS)
  • 8. Point #3 – Internet connectivity (outbound) Do you know about all the (IPv6) traffic that is leaving your network? Including what the traffic is doing, and why it is there? IPv4 traffic towards the Internet may be tightly controlled, but is this the case for IPv6 traffic? The attacker needs tomake outbound communication. IPv6 could be his best option.
  • 9. Point #4 – Internet connectivity (inbound) In some networks, a system can be made accessible from the Internet if you enable IPv6 on it. It depends on how routing and filtering is configured. How does your current IPv6 firewall rule set look? How do you handle fragments and extension headers? Sometimes IPv6 is enabled on systems by accident… or by (vendor’s) default… but without security.
  • 10. Point #5 – Tunneling There are many different IPv6 tunneling mechanisms, meant to be used for transitioning from IPv4. These can be used by an attacker as well. Could give full inbound and outbound IPv6 connectivity between a compromised system and any other IPv6 host on the Internet. Unless you filter all types of IPv6 tunneling in your firewalls.
  • 11. Point #6 – Denial of Service •RA flooding Can be used to kill all local Windows machines •Neighbor Cache Poisoning replying with attacker’s MAC address •Duplicate Address Detection DoS claim that all addresses are taken •RA spoofing change default router or change DNS
  • 12. Defense – What to do 1. Decide and know which networks use IPv6, and for what purpose – disable it everywhere else! Both on the network and on the host 2. Monitor your networks for IPv6 traffic 3. Monitor IPv6 in your logs – e.g., (failed) logins over IPv6! 4. Decide how to do IPv6 network security on each of your networks – e.g., where to put firewalls, what to filter, etc. 5. Do IPv6 hardening of clients, servers, routers, networks, etc.
  • 13. my  nm reading – Marc Heuse e  i s  … Further IPv6 Vulnerabilities, Failures - and a Future? 123 slides on IPv6 hacking http://www.ipv6hacking.info THC-IPv6 Attack Toolkit http://www.thc.org/thc-ipv6 “Critical issues are site-local only” “Security model is from 1995: local = trusted”
  • 14. Further reading – Fernando Gont Recent Advances in IPv6 Security HES 2012 Conference (April 14th) http://2012.hackitoergosum.org “There's an insanely large amount of work to be done in the area of IPv6 firewalling” “Many IPv4 vulnerabilities have been re-implemented in IPv6” “Still lots of work to be done in IPv6 security”
  • 15. Conclusions • IPv6 can be secured – but you must do the work! • Security is not built-in or turned on by default • Lots of security issues that you must deal with • Makes it even more important to monitor logs and analyze your network traffic • Large network segments are still a bad idea… • The attacker can use IPv6 even if you don’t!