applied security conferences and training: CanSecWest | PacSec | EUSecWest |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Pentesting and Securing IPv6 Networks

Register for March 10-11 Course

Marc "van Hauser" Heuse


This training course shows you how to perform penetration testing on IPv6 networks locally and remote - in theory and hands-on. Learn first hand from the developer of the tools and techniques that are specific for IPv6. Additionally, security in deploying IPv6 is taught from network design to firewall, router and system configuration hardening. Today IPv6 is available on every desktop and every server, as all operating systems support IPv6.

Most ISPs have started to make IPv6 available and on several continents you don t get additional IPv4 addresses unless you have an IPv6 rollout started, North America will be affected by these rules mid of May 2014. This training explains the IPv6 issues, concentrating on the security vulnerabilities inherent in the protocol as well as configuration issues and implementation problems. Many known vulnerabilities are presented and students will be able to try them out themselves with supplied tools on the test network.

Then - switching sides - it is explained how to secure IPv6 systems (Windows, Linux, Cisco routers) and what issues with current firewalls are (Juniper SRX, Netscreen, Fortinet, ASA) and especially large networks including routing and how to solve the difficult firewalling questions which arise with IPv6. New advances like SEND, new DHCP6 developments etc. are included. The ratio of hacking vs. securing is 2:1.

Trainees will receive the current unpublished version of the thc-ipv6 protocol attack suite (which has more functionality than the public release), and of course email the trainer in the future questions on IPv6 security.

Because of the huge amount content, the training on the first day will be longer (plan for 7pm or later), and afterwards enjoy a free beer with the trainer and the rest of the group.

Note: In Canada and the USA, beginning mid of May, a company can only get a few more IPv4 addresses if they deploy IPv6. Learn now what the issues are before you have to deploy.


Day 1
Day 2

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Student Prerequisite:

Trainees must have basic knowledge in Linux, TCP/IP, penetration testing and IT security - the more the better.

Hardware/Software Requirements

Trainees should have a Laptop with Kali or Backtrack Linux installed as direct boot from harddisk (no DVD boot) is recommended, however a virtual machine works as well. Also, an Ethernet adapter is required.