IPv6 Security Tips October 22nd, 2007 by Maddog The switch to IPv6 is inevitable. In fact, it's already happening. But even though many organizations will have to take the plunge, there are vey real and wide-ranging risks for those that do so without proper preparation.
Preparing for the transtition -- specifically to minimize security risks -- seems to be common advice from many experts. To help you out, here's a grab bag of resources addressing the multi-faceted issue of IPv6 transition and security. These, with some short excerpts, follow in no particular order: * IPv6 Adoption Risks and Pitfalls By Karl A. Siil, Chief Architect, Lumeta Corporation The key reason that the IPv6 transition will occur much faster than anyone expects is the protocol's innate ability to auto-configure, whether it's "managed" or not. This presents enormous risks to the entire enterprise, both the nascent IPv6 network and the existing IPv4 network. And, if this comes as a surprise to anyone in computer networking, there are already attacks to exploit the flaws in IPv6, both in its native form and tunneled within IPv4. IPv6 can stand up a network with no administrator participation. IPv6 devices seek out other IPv6 devices & routers. Scoped addresses ease sending to "all routers" in a network. Neighbor Discovery and Duplicate Address Detection look for other systems, the latter to assure a lack of collisions in the address space. Multicast Listener Discovery Version 2 (MLDv2) joins up groups with little or no outside help. Read the entire article at: http://www.infoweapons.com/blog/?p=75 -- Freedom consists not in doing what we like, but in having the right to do what we ought. -- Pope John Paul II --[Manny [EMAIL PROTECTED] Alternative Information and Opinion at http://www.phnix.net Advocacy blog: http://mamador.wordpress.com Personal website: http://mannyamador.multiply.com --[Pro-Life Philippines]-------------------[http://www.prolife.org.ph]-- _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
