At first a very happy new year to everybody!
While thinking about the agenda of the upcoming Troopers NGI IPv6 Track I realized that quite a lot of IPv6-related topics have been covered in the last years by various IPv6 practitioners (like my colleague Christopher Werny) or researchers (like my friend Antonios Atlasis). In a kind of shameless self plug I then decided to put together of list of IPv6 talks I myself gave at several occasions and of publications I (co-) authored. Please find this list below (sorted by years); you can click on the titles to access the respective documents/sources.
I hope some of this can be of help for one or the other among you in the course of your own IPv6 efforts.
Cheers,
Enno
2018
IPv6 Address Management – The First Five Years
Properties of IPv6 and Their Implications for Offense & Defense
2017
Why it might make sense to use IPv6 in enterprise infrastructure projects
Position Paper on an Enterprise Organization’s IPv6 Address Strategy
Balanced Security for IPv6 CPE Revisited
Local Packet Filtering with IPv6
IPv6 Address Selection – A Look from the Lab
Why IPv6 Security Is So Hard – Structural Deficits of IPv6 & Their Implications
Testing RFC 6980 Implementations with Chiron
IPv6 configuration approaches for servers / slides with additional infos
IPv6 Properties of Windows Server 2016 / Windows 10
2016
Real Life Use Cases and Challenges When Implementing Link-local Addressing Only Networks as of RFC 7404
IPv6 from a Developers’ Perspective
Things to Consider When Deploying IPv6 in Enterprise Space
IPv6 & Threat Intelligence
Protecting Hosts in IPv6 Networks
Remote Access and Business Partner Connections
Developing an Enterprise IPv6 Security Strategy
Dual Stack vs. IPv6-only in Enterprise Networks
Things to Consider When Starting Your IPv6 Deployment
IPv6 Address Planning in 2016 / Observations
2015
Developing an Enterprise IPv6 Security Strategy / Part 1: Baseline Analysis of IPv4 Network Security
Developing an Enterprise IPv6 Security Strategy / Part 2: Network Isolation on the Routing Layer
Developing an Enterprise IPv6 Security Strategy / Part 3: Traffic Filtering in IPv6 Networks (I)
Developing an Enterprise IPv6 Security Strategy / Part 4: Traffic Filtering in IPv6 Networks (II)
Developing an Enterprise IPv6 Security Strategy / Part 5: First Hop Security Features
Developing an Enterprise IPv6 Security Strategy / Part 6: Controls on the Host Level
Some Notes on the “Drop IPv6 Fragments” vs. “This Will Break DNS[SEC]” Debate
IPv6 Router Advertisement Flags, RDNSS and DHCPv6 Conflicting Configurations
Main IPv6 Related Mailing Lists
IPv6 in Virtualized Data Centers
The Strange Case of $SOME_SOFTWARE Adding an IPv6 Extension Header, and an Internet Router Dropping Them
Will It Be Routed?
Evasion of Cisco ACLs by (Ab)Using IPv6
IPv6 Address Planning / Some Notes
OS IPv6 Behavior in Conflicting Environments
What to Do Today if You Want to Deploy IPv6 Tomorrow
Is IPv6 more Secure than IPv4? Or Less?
IPv6 & Complexity
MLD Considered Harmful
Reliable & Secure DHCPv6
IPv6-related Requirements for the Internet Uplink or MPLS Networks
An MLD Testing Methodology
Is RFC 6939 Support Finally Here – Checking the Implementation of the “Client Link Layer Address Option” in DHCPv6
/48 Considered Harmful. On the Interaction of Strict IPv6 Prefix Filtering and the Needs of Enterprise LIRs
The Persistent Problem of State in IPv6 (Security)
IPv6-related Requirements for Security Devices
Evaluation of IPv6 Capabilities of Commercial IPAM Solutions
2014
Security Implications of Using IPv6 GUAs Only
Dynamics of IPv6 Prefixes within the LIR Scope in the RIPE NCC Region
Evasion of High-End IDPS Devices at the IPv6 Era
IPv6 in RFIs/Tendering Processes
Protocol Properties & Attack Vectors
Router Advertisement Options to the Rescue – A Deep Dive into DHCPv6, Part 2
I Don’t Have Any Neighbors – A Deep Dive into DHCPv6, Part 1
Security Implications of Disruptive Technologies
IPv6 for Managers
IPv6 Requirements for Cloud Service Providers
IPv6 Address Plan Considerations, Part 3: The Plan 😉
IPv6 Address Plan Considerations, Part 2: The “PI Space from (Single|Multiple) RIR(s) Debate”
IPv6 Address Plan Considerations, Part 1: General Guidelines
2013
Design & Configuration of IPv6 Segments with High Security Requirements
IPv6 Capabilities of Commercial Security Components
IPAM Requirements in IPv6 Networks
IPv6 Neighbor Cache Exhaustion Attacks – Risk Assessment & Mitigation Strategies, Part 1
2012
2011
Yet another update on IPv6 security – Some notes from the IPv6-Kongress in Frankfurt
IPv6 Security Part 2, RA Guard – Let’s get practical
IPv6 Security Part 1, RA Guard – The Theory