Explore the security implications of IPv6 adoption in this 33-minute talk from Hack in Paris. Delve into the results of a wide-scale project evaluating security policies across IPv4 and IPv6 for numerous sites. Discover why, despite theoretical similarities, IPv4 and IPv6 security policies often mismatch in practice. Learn about dual-stack environments, IPv6 usage, and the process of identifying targets for the study. Examine findings on port numbers and security policy discrepancies between the two protocols. Gain insights into the current state of IPv6 security and its potential vulnerabilities as more sites become dual-stacked due to IPv4 address exhaustion.
Overview
Syllabus
Introduction
About me
Why I dont speak
What is IPv6
Dualstack
Who uses IPv6
Security policies
IPv4 vs IPv6
What were we doing
The bottom line
IPv6 enabled
Questions
How to get targets
Results
Port numbers
Conclusions
Security policy mismatch
Taught by
Hack in Paris