Pen testing on IPv6 networks
In Through the Back Door
If you have enabled IPv6 on your network without considering basic security issues, you might have opened up a hole for attackers. In this article, we demonstrate a successful attack on a server via IPv6 and explain how the popular security tools handle IPv6.
Although the “next generation” IPv6 Internet protocol can already look back on more than 10 years of history, many companies are only now starting to migrate to the new version. Some experts have already begun to point out that IPv6 security has some unexpected complications for admins who are accustomed to IPv4 networks. One such under-mentioned problem is the need to lock down or turn off IPv6 services that might be running on an IPv4 or a dual IPv4/ IPv6 network. Some modern systems enable IPv6 by default. Even if your network is primarily focused on IPv4, it is a good idea to pay some special attention to IPv6 in your pen testing. You might discover that your systems are vulnerable to exploits in IPv6 that aren’t available (or don’t appear) through conventional IPv4 pen tests.
Our Services
Buy this article as a PDF
Price $2.95
Direct Download
Buy this article as a PDF
Price $2.95
Tag Cloud
News
-
FSF Outs the World Wide Web Consortium over DRM Proposal
Richard Stallman calls for the W3C to remain independent of vendor interests.
-
Debian 7.0 Debuts
The new release supports nine architectures, 73 human languages, and zero non-Free components.
-
Alpha Version of Fedora 19 Released
Fedora developers release the first alpha version of Fedora 19, known as Schrödinger’s Cat, for general testing. The final release is expected in July 2013.
-
ack 2.0 Released
ack is a grep-like, command-line tool that has been optimized for programmers to search large trees of source code.
-
SUSE Studio 1.3 Released
New features in SUSE Studio 1.3 include enhanced cloud integration, VM platform support, and lifecycle management.
-
Xen To Become Linux Foundation Collaborative Project
The Linux Foundation recently announced that the Xen Project is becoming a Linux Foundation Collaborative Project.
-
RunRev Releases Open Source Version of LiveCode
Open source version of LiveCode is now available for developing apps, games, and utilities for all major platforms.
-
OpenDaylight Project Formed
OpenDaylight is an open source software-defined networking project committed to furthering adoption of SDN and accelerating innovation in a vendor-neutral and open environment.
-
Gnome 3.8 Released
The new Gnome release includes privacy and sharing settings, allowing more user control over access to personal information.
-
Mozilla and Samsung Collaborate on New Browser Engine
Mozilla is collaborating with Samsung on a new web browser engine called Servo.