Today I flew over to Frankfurt, Germany to attend the IPv6 Kongress organized by Heise. I’m really glad to be there as it gives me other insights regarding this topic. I’m currently busy writing my bachelor’s thesis about IPv6 Security. I expect to get a wealth of information during the next two days.
During the next two days I am going to post some information about the congress here. So, check back if you’re interested at all. Also, have a look at the visual impressions below 😉
The first day started with a really good but dense introduction to the essentials of IPv6 by Silvia Hagen. She is the author of the O’Reilly book “IPv6 Essentials”. She covered topics such as IPv6 improvements, header structure, and extension header architecture. This talk was a good foundation for the talk that would follow.
The afternoon started with a more practical talk by Wilhelm Boeddinghaus from Strato. The talk, named “IPv6 in 7 Schritten im Unternehmensnetz einführen”, highlighted important steps during an IPv6 introduction. He emphasized that getting management on board is a task not to be forgotten.
Later on, Benedikt Stockebrand held the talk “Der real existierende Teufel im Detail”, in which he discussed problems that can arise from layer 3 up to layer 8 and more. He mentioned that it is important to not only enable your technical infrastructure to be ready for IPv6. Moreover, it is critical to also enable your users, developers, managers and so on to become IPv6-enabled. All in all an entertaining talk.
The last two talks were about privacy extensions and common attack scenarios, such as fake router advertisements. The first talk was held by Enno Rey from ERNW GmbH and the last talk was held by Eric Vyncke from Cisco, one of the authors of the “IPv6 Security” book.
I started day two by attending two talks about security vulnerabilities in the IPv6 protocol. The first talk, “v6-Security: Sicherheitslücken im Router-Advertisement-Protokoll”, was about the risks involved with using router advertisements in a LAN environment. The second talk, “v6-Security: Firewalls nicht vorgesehen”, was given by Alexander Bluhm. He highlighted the problems which manufacturers of firewalls and application level gateways face these days when implementing IPv6. The main point was that the RFCs do not give really clear instructions on how to implement certain functions. Often, statements from RFCs are contradictory. He therefore suggested not simply implementing all the RFCs regarding IPv6 slavishly, but rather asking yourself what makes sense and what does not. The aim is to protect the systems and the customers’ data.
The afternoon talks were about practical experience in introducing IPv6 to certain companies. Dr. Peter Gröschke from Detecon, a Telekom company, talked about his experience during an IPv6 assessment in Africa. Their task was to assess the existing IPv4 infrastructure and give recommendations on how to upgrade to IPv6. In the end, they were not able to migrate the whole infrastructure to IPv6, so they focused on the components that were critical to business.
The last talk I attended was about data protection and law regarding IPv6. The main discussion point was whether an IPv6 address is personal data or not. The talk itself was really interesting and came to the conclusion that an IPv6 address is indeed person-related data.