CanSecWest: Security Masters Dojo Vancouver
Pentesting and Securing IPv6 Networks
Register for March 5th to 6th Course
Instructor:
Marc "van Hauser" Heuse
Description
This workshop shows you how to perform penetration testing on IPv6 networks locally and remote - in theory and hands-on. It is the only workshop which supplies you with the necessary tools - especially for remote tests - which are nowhere else available.
Today IPv6 is available on every desktop and every server, as all operating systems since Windows XP and Linux Kernel 2.2 support IPv6. Hosting providers start to offer IPv6 addresses and networking. IPv6 is already available in corporations, e.g. all major mobile providers already support it on their backbones.
This training explains the IPv6 issues, concentrating on the security vulnerabilities inherent in the protocol as well as configuration issues and implementation problems. All so far known vulnerabilities are presented and students will be able to try them out themselves with supplied tools on the test network.
Then - switching sides - it is explained how to secure IPv6 systems (Windows, Solaris, Linux) and especially large networks including routing and how to solve the difficult firewalling questions which arise with IPv6. New advances like SEND, new DHCP6 developments and ISATAP etc. are included.
The ratio of hacking vs. securing is 2:1.
Trainees will not only receive the current unpublished version of the thc-ipv6 protocol attack suite (which has more functionality than the public release) but also receive direct development source code access for the future.
Student Prerequisite:
Trainees must have basic knowledge in Linux, TCP/IP and IT security - the more the better.
Hardware/Software Requirements
Trainees should have a Laptop with Linux (2.6 kernel) installed (either direct boot or virtual server) and arrive with an Ethernet cable to be able to participate in the hands-on sessions. Using Backtrack 5 is recommended.
PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.
Agenda
Day 1- Introduction to IPv6 (the mindset behind IPv6, how does it work, what is different to IPv4, new features)
- Vulnerabilities in IPv6 (problems in IP6, problems in ICMP6, mobile IPv6
- How to pentest IPv6 networks remotely
- How to pentest IPv6 networks locally
- Vulnerabilities with tunnel and migration issues (e.g. 6to4, Teredo,ISATAP), configuation issues, implementation problems) Includes lots of hands-on time (scanning local and remote networks, performing various man-in-the-middle attacks based on ICMP6, attacking dual stack systems, etc.)
Day 2
- Secure transition from IPv4 to IPv6
- DMZ design
- Firewall configuration
- Network design
- Router configuration
- Client configuration
