In this post I want to give an overview of IPv6 security testing efforts performed by various researchers in the past. As laid out in the first part of this series such testing can be considered one of the pillars of an overall IPv6 security strategy in complex environments. I will also try to developContinue reading “IPv6 Security & Capability Testing, Part 2”
Author Archives: Enno
IPv6 Security & Capability Testing, Part 1
Let’s be realistic about this: the advent of any new technology in a complex IT environment can lead to additional vulnerability exposure and hence to additional risk. Given the fundamental role of IP for practically all communication acts and all digital services in today’s organizations this is particularly true for IPv6. On the other handContinue reading “IPv6 Security & Capability Testing, Part 1”
Does One Need DHCP(v6)?
I’ve covered DHCPv6 quite a bit in the past, e.g. in these two ‘A Deep Dive into DHCPv6’ blogposts, this one on RFC 6939, a few other contributions discussing it in some way (1, 2, 3) and a talk on ‘Secure & Reliable DHCPv6’ at the Troopers #TR15 IPv6 Security Summit (slides & video). I alsoContinue reading “Does One Need DHCP(v6)?”
OARC 32
I attended the OARC 32 in San Francisco workshop today and in this post I’ll provide some notes on talks I found particularly interesting. For those interested the full agenda can be found here and some information on the DNS-OARC organization themselves here. Brian Somers: Recursive Resolution from the ground upThis was a super-interesting talkContinue reading “OARC 32”
Organizational Security Implications of IPv6
In this post (with a very German, bulky title π) I’ll take a look at the implications of IPv6 on the security controls & processes in common enterprise environments, based on a few customer projects I performed in 2016β2019. As I laid out in my presentation in the IPv6 WG at the RIPE79 meeting inContinue reading “Organizational Security Implications of IPv6”
Some Notes on IPv6 Bogon Filtering
At first a happy new year to you all!For some of us it will bring IPv6-related happiness (and maybe a few β although temporary π β sorrows). The IPv6 world is full of sources of pain & heated discussions, but in todayβs post I will discuss a topic where life got presumably easier with IPv6Continue reading “Some Notes on IPv6 Bogon Filtering”
Updated: Basic IPv6 Troubleshooting Commands / IPv6 Rosetta Stone 2019
Hi everybody, This post is meant to provide an overview of basic IPv6 troubleshooting approaches and commands, for three main operating systems: Windows, Linux & macOS. For these OSs (and some specific tasks only) it includes an updated version of the “IPv6 Rosetta Stone”, a website I often refer IPv6 beginners to in order toContinue reading “Updated: Basic IPv6 Troubleshooting Commands / IPv6 Rosetta Stone 2019”
Some Notes on IPv4 Address Space
Most of you will be aware there are currently several initiatives to make IPv4 address space formerly & formally considered ‘special addresses’ β and hence not to be used for common Internet traffic β usable (by some definition of ‘usable’). The motivation behind such efforts is clear: namely depletion of RFC 1918 space within manyContinue reading “Some Notes on IPv4 Address Space”
