1 / 51

Getting Started With IPv6

Learn about the basics of IPv6, its benefits, and how to implement it in your networks. Stay ahead in the network transition with this informative guide.

jamesgriffith
Download Presentation

Getting Started With IPv6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Getting Started With IPv6Sam BowneCity College San FranciscoTwitter: @sambowneWeb: samsclass.info Last modified 10 am 12-9-10

  2. iClicker Survey

  3. How are you enjoying BayThreat? • Best Con Ever • Worthwhile • Meh • Might be OK if there were free beer • I'm Bored / Disgusted / Outraged

  4. What do you know now about IPv6? • Never heard of it • Heard of it but never used it • I understand the address format • I browse the Web with IPv6 • I have deployed IPv6 on servers, routers, etc.

  5. What plans do you have to use IPv6? • I don't care about IPv6 at all • I'll implement IPv6, but not for years • Planning to implement it within a year • Planning to implement it sooner than a year • I am already using IPv6

  6. A Busy Year for Security Professionals

  7. Aurora Attacks China hacked Google Google hacked China Everyone is pwned by APT

  8. Stuxnet LNK 0Day SCADA vulnerability Successful military operation against Iran via cyberspace

  9. Cybercrime Growth From Symantec, link BayThreat 1

  10. Wikileaks Wikileaks "Insurance" file and cable releases T3hJ35t3r DoS Attacks on Wikileaks DDoS attacks on Wikileaks Amazon, Paypal, DynDNS, MasterCard, Visa all throw Wikileaks under the bus Anonymous attacks Mastercard, Visa, PayPal, a Swiss bank, a Swedish prosecutor's office, maybe Twitter?

  11. Frank DrebinWhere Are You?

  12. Forget All That Because IPv6 is The End Of The World!

  13. IPv4 Exhaustion

  14. IPv4 Addresses: 32 Bits • IPv4 address: 192.168.1.10 • Four bytes • In Binary: 11000000 10101000 00000001 00001010 • 2^32 total addresses • 4 billion

  15. IPv4 Address Depletion Link Baythreat-8

  16. IPv4 Address Space Class A Class B Class C Class D & E

  17. Jan 21, 2010Available Blocks: 24

  18. April 10, 2010Available Blocks: 20

  19. May 8, 2010Available Blocks: 13

  20. Nov 30, 2010Available Blocks: 7

  21. 2011: The End Link BayThreat-7

  22. The End of the World • No Reprieve • IANA will not re-purpose class D or E addresses for general use • People who ask for IPv4 addresses after exhaustion will not get them • Hoarding, scalping, and simple direct sale of used IPv4 addresses will begin soon

  23. IPv6 The Solution

  24. IPv6 Addresses: 128 Bits • IPv6 address • 2001:05c0:1000:000b:0000:0000:0000:66fb • Omitting unnecessary zeroes; • 2001:5c0:1000:b::66fb • Eight fields, each 16 bits long • 4 hexadecimal characters • 2^128 total addresses • 340 billion billionbillionbillion • Enough for a while

  25. Link BayThreat-10

  26. Federal IPv6 Transition Timeline • From Cisco (link BayThreat-11)

  27. ExecutiveSummaryThus Far

  28. IPv4 is Full Image from zinyaw.files.wordpress.com

  29. Migration to IPv6

  30. Methods of IPv6 Migration • Ignore IPv6: Stay on IPv4-only • Gateways: Devices that convert IPv6 to IPv4 • Tunnel: IPv6 over IPv4 • Dual-Stack: IPv4 and IPv6 together • Nirvana: IPv6-only

  31. IPv6 Tunnels • Fast and easy to set up--best for n00bs • Not the best for security or performance • Free IPv4-to-IPv6 Tunnels • Gogo6.com • Sixxs.net • Tunnelbroker.com

  32. GoGo6 • Easiest

  33. Demonstration

  34. Companies Already on IPv6 ipv6.google.com www.v6.facebook.com comcast6.net ipv6.cnn.com More at link Baythreat-12

  35. IPv6 Certifications • Fun, realistic projects • He.net • Link BayThreat-13

  36. IPv6 Sages • As of 12-9-10 • Link BayThreat-18

  37. IPv6 Sages at CCSF • 22 IPv6 Sages at CCSF so far (12-9-10) • Link BayThreat-19

  38. T-Shirt #1 motivator for IPv6 Certification Link Baythreat-9

  39. Security Problems

  40. Used by Ethernet

  41. Privacy Risk Anyone who has your IP address also has your MAC address! There is a "Privacy Extensions" technique to avoid this, enabled by default in Vista and Windows 7

  42. ICMPv6 • Required for all networks • Cannot be blocked • Replaces ARP • "Neighbor Discovery" is trivial

  43. THC-IPv6 • Hacker's Toolkit • Runs fine on Ubuntu, even in VMware on Windows 7 • Instructions: link BayThreat-14

  44. Other Risks • Many security appliances are not ready for IPv6, so it often bypasses them • Torrents run over IPv6 • Link BayThreat-15 • Some VPN appliances are not ready, so IPv6 connections must bypass them • Packet Amplification Attacks • Routing Header Zero • Ping-pong • Links BayThreat-16 and 17

  45. iClicker Survey

  46. What do you think of Wikileaks? • It's heroic and improving the world • It does more good than harm • It's unimportant • It does more harm than good • It's awful and must be eliminated

  47. What do you think of Anonymous? • It's heroic and improving the world • It does more good than harm • It's unimportant • It does more harm than good • It's awful and must be eliminated

  48. What do you think of Layer 7 DoS, like SlowLoris or th3J35t3r's XerXes? • Never heard of it • It's of no importance • It's a minor threat • It's a major threat • It's my top priority

  49. What plans do you have to use IPv6? • I don't care about IPv6 at all • I'll implement IPv6, but not for years • Planning to implement it within a year • Planning to implement it sooner than a year • I am already using IPv6

More Related