Seeking IPv6 Security Resources

• Previous message (by thread): Seeking IPv6 Security Resources
• Next message (by thread): Seeking IPv6 Security Resources
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Wed, Nov 26, 2014 at 08:54:07AM -0500, Joe Klein wrote:
> Chris,
> 
> Are you aware IPv6 has 3 or arguably 4 major generations of standards?
> 
> Each generation requires nuanced defense strategies, based on which clauses
> ("must" and "should") were implemented. Some of the derived security works,
> do not reflect, and in some cases contradict current security
> recommendations.

both very good points, Joe, which I fully second.
This is - to some degree - discussed in this talk:
https://www.ernw.de/download/TROOPERS_IPv6SecSummit_ERNW_IPv6_Structural_Deficits.pdf

which I suggest to add to the resource list in compilation.
[disclaimer: I'm the author]

best

Enno






 The perceived newness of the technology, and ambiguities
> of recommendations have resulted in 'pushback' by the security community to
> implement IPv6. This has forced us to continue with the implement of IPv6
> and 'trust' the vender recommendations, based on the limitations of that
> venders products.
> 
> In the cracks, between the standards and implementation of these standards,
> are where security vulnerabilities exist, compromises lay, and defenses
> crumble.
> 
> Joe Klein
> "Inveniam viam aut faciam"
> 
> On Tue, Nov 25, 2014 at 3:32 PM, Chris Grundemann <cgrundemann at gmail.com>
> wrote:
> 
> > Hail NANOG!
> >
> > I am looking for IPv6 security resources to add to:
> > http://www.internetsociety.org/deploy360/ipv6/security/
> >
> > These could be best current practice documents, case-studies,
> > lessons-learned/issues-found, research/evaluations, RFCs, or anything else
> > focused on IPv6 security really.
> >
> > I'm not requesting that anyone do any new work, just that you point me to
> > solid public documents that already exist. Feel free to share on-list or
> > privately, both documents you may have authored and those you have found
> > helpful.
> >
> > Thanks!
> > ~Chris
> >
> > Note: Not every document shared will get posted to the Deploy360 site.
> >
> > --
> > @ChrisGrundemann
> > http://chrisgrundemann.com
> >

-- 
Enno Rey

ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 

Handelsregister Mannheim: HRB 337135
Geschaeftsfuehrer: Enno Rey

=======================================================
Blog: www.insinuator.net || Conference: www.troopers.de
Twitter: @Enno_Insinuator
=======================================================

• Previous message (by thread): Seeking IPv6 Security Resources
• Next message (by thread): Seeking IPv6 Security Resources
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]