Sunday, February 10, 2013

Sam Bowne: Who Cares About IPv6 and Dos Attacks at DEFCON 18

What is IPv6? Why should you care? If we ignore it, will it just go away? This video covers changes in internet protocol and the vulnerabilities this represents. It also covers the denial of service (DoS) attacks that some hackers like the Jester, members of Anonymous and LulSec have used.

The current Internet Protocol numbering scheme, IPv4, is nearing its end-of-life. Within two years, all the IPv4 numbers will be allocated, so that new devices will not be able to connect directly to the Internet. We all will be forced to adapt to the new IPv6 system soon. But how can we get started?

This talk explains why IPv6 is necessary, how it works, and how everyone can quickly and easily start using it now. I will explain and demonstrate how to set up a free tunnel to access the Internet via IPv6.

I will also explain the Hurricane Electric IPv6 certifications. The certifications are great because they guide a novice through the stages of IPv6 knowledge: connecting as a client, setting up an IPv6-enabled Web server, email server, DNS server, and glue records.

There are large security implications to IPv6 too. I will explain several important IPv6 vulnerabilities and countermeasures, including auto-configuration privacy risks, torrents over IPv6, bypassing VPNs with IPv6, Routing Header Zero packet amplification attacks, and the ping-pong IPv6 DoS vulnerability.

My goal is to convince the audience to pay attention to IPv6 and to guide them to an easy way to start learning about it and using it now. All my students at City College San Francisco will have IPv6 homework from now on--you need to get on board now or be left behind!

Download Power Point Slides and you can follow Sam Bowne at

No comments:

Post a Comment