IPv6 Security Crash Course - Hands-On with Fernando Gont

Date:
23. - 25. März 2020, 9am to 5pm
Location:

Digicomp Zürich

Event sponsor:

 

Target audience:
Netzwerk- und Security Engineers and Administrators, Security Professionals, Penetration Testers

Seize this rare opportunity and enjoy learning about IPv6 security from the source!

This course will provide the attendee with in-depth knowledge of IPv6 security, such that the attendee is able to evaluate and mitigate the security implications of IPv6 in production environments. The attendee will be given an in-depth explanation of each topic covered in this course, and will learn – through hands-on exercises – how each feature can be exploited for malicious purposes. Subsequently, the attendee will be presented with a number of alternatives to mitigate each of the identified vulnerabilities.

This course will employ a range of open source tools to evaluate the security of IPv6 networks, and to reproduce a number of IPv6-based attacks. During the course, the attendee will perform a large number of exercises in a network laboratory (with the assistance of the trainer), such that the concepts and techniques learned during this course are reinforced with hands-on exercises. The attendee will be required to perform a large number of IPv6 attacks, and to envision mitigation techniques for the corresponding vulnerabilities.

Content:

  • Quick Review of IPv6 Basics (Addressing, Extension Headers, Neighbour Discovery etc).
  • IPv6 Addressing - Scanning Attacks, Privacy implications, end-to-end security
  • IPv6 Extension Headers - Implications, Exploitation, Troubleshooting, Network Reconnaissance, Recent Advances
  • IPsec - VPN traffic leakages
  • ICMPv6 - Network Reconnaissance
  • Neighbor Discovery - Address Resolution, ND Cache, ND attacks, ND security controls, Config options
  • Stateless Address Auto-configuration (SLAAC) - Operation and messages, Duplicate Address Detection, SLAAC attacks, DAD attacks, SLAAC security controls, Config options
  • DHCPv6 - Security Implications, attacks, security controls
  • MLD (Multicast Listener Discovery) - Security implications, attacks, security controls
  • Upper Layer attacks - TCP, UDP, possible mitigations
  • DNS support for IPv6 - Network reconnaisasance, Exploiting DNS reverse mapping
  • Security Implications of IPv6 for IPv4-only Networks - IPv6 attacks on IPv4-only Networks and mitigations
  • Network Reconnaissance in IPv6 - Host scanning, Port scanning
  • IPv6 Deployment considerations - Operating System hacking, other considerations

Prerequisites:

Participants are expected to have a basic understanding of IPv6 Fundamentals such as IPv6 Addressing, Header Structure and Extension Headers, ICMPv6, Neighbor Discovery, SLAAC, Multicast Listener Discovery etc.

More information and registration via Digicomp.

If you like to refresh or update your IPv6 basic understanding, you may visit the IPv6 Fundamentals Hands-On Course on February 24 - 26 at Digicomp in Zurich. People that book both classes will get a bundle discount of 10% of the  IPv6 Hands-On. If you are not sure if you meet the prerequisites, please contact me.

 

Speaker

Fernando Gont, IPv6 Security and Networking Expert

 

Fernando Gont is a world-renowned IPv6 expert, working on IPv6 consulting around the world:

  • He has written more that 25 IETF RFCs, many of which focus on IPv6.
  • He is actively involved in IPv6 standardization, with more than 10 active IETF Internet-Drafts
  • He is the author of the SI6 Network’s IPv6 toolkit, the only portable and freelyavailable toolkit for the IPv6 protocol suite.
  • He has been delivering consulting and training services worldwide for more than ten years.
  • More information about Fernando Gont is available at his web site: https://www.gont.com.ar

 

  • English
  • Deutsch
  • Français