Approved for 1 CompTIA CEU: A+, Network+, Security+, and CASP; 1 GIAC CPE
Now that the pool of available addresses in the existing Internet Protocol, IPv4, has run out, IPv6 is well on its way to becoming the new worldwide standard for communications on the Internet. This session will take a deep dive into the security implications of running IPv6 as well as NOT running IPv6. After a brief overview of IPv6 basics, we will discuss methods by which a miscreant can use IPv6 to create attacks against the network infrastructure as well as other users.
Did you know that by faking the messages that IPv6 routers send, a bad actor can create a man in the middle attack against your users without your knowledge? Did you know they could do this even if you have not enabled IPv6 on your infrastructure?
Other IPv6 security topics will include:
- Address resolution vulnerabilities
- Rogue Router Advertisement servers
- DHCPv6 attacks
- DDoS
- Neighbor cache exhaustion
- Packet fragmentation risks