CanSecWest: Security Masters Dojo Vancouver
IPv6 Net SecurityRegister for March 5th Course
Users have started playing with IPv6, customers have started putting pressure on vendors for IPv6 support and numerous organizations have kicked-off their IPv6 plans. The current predictions is for the available IPv4 addresses pool to be used by 2012.
Depending on who you ask and how you look at it it can be considered either a minor or a major evolution from IPv4, especially on the security front. What is clear is the IPv6 introduction and deployment, and the mix of IPv4 and IPv6 will create security vulnerabilities and window of opportunities for the bad guys. We will present and discuss the protocols, what the security changes are (good and bad), go through a impact assessment exercise as, even if general belief is that IPv6 "is just a small change on the network" it's actually impacting a lot of systems, applications and processes, discuss issues you will face during a migration, etc.
This course mixes theory and practice in order to achieve an immediate application of the class. Starting from the basics, we will learn IPv6 security together and test some practical attacks with Scapy during the lab sessions. Moreover, we will also cover the protection of Cisco routers.
We will present:
- IPv6 and the current state of usages
- What changes from IPv4
- What the new IPv6 protocols are: IPv6, ICMPv6, Mobile IPv6, 6to4, ...
- How they impact the overall security and which local attacks can be performed with Scapy
- The new holes you'll poke into existing IPv4 deployments
- The system and applications impact including routers deployments
- Share our lessons learned
PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.
For the lab exercises we will use Scapy, Dynamips and Wireshark. You have to bring your own laptop, running Linux (native or virtualized). Make sure the operating system is working properly especially the network component if you run it inside a VM. You don't have to pre-install the tools. We won't have the time to debug VM or network issues. Make sure you have admin rights or the rights to run the tools and change settings on your computer.
IPv6 with Scapy is not fully supported on Win32 and has been tested only in very limited manner on *BSD/MacOs. We will not be able to debug during the dojo.
The student should be "fluent" with tcpdump/ wireshark output, understand basic TCP/IP routing and basic *NIX network commands. No prior knowledge of IPv6 is required.