This is meant to be the first part of a 3-part series discussing the space & types of IP addresses, with a particular focus on what has changed between IPv4 and IPv6. In this first post I’ll take the audience through a historical tour of some developments within the IPv4 address space. In a second part I’ll discuss the properties of differen

Exclusive: The security researcher MalwareMustDie has found a new Linux/IRCTelnet malware– made in Italy – that aims IoT botnet connected by IRC and Telnet. It is able to generate an IPv6 DDoS and performing NEW dangerous capabilities that Mirai was unable to cover. In  a brief interview to Security Affairs @unixfreakjp of MalwareMustDie group e

This is a guest post from Jed Kafetz. After seeing Christopher’s post I decided to create a proof using GNS3 and Virtualbox. The aim is to perform the exact attacking using Antonios Atlasis’ Chiron tools and run a Wireshark packet capture to prove the hop limit drops below 255. The following topology is used in GNS3: The routers used are Cisco C372 and the

Tomorrow, I will join a meeting where I’m expected to contribute, amongst others, to a discussion on the impact of IPv6 on threat intelligence. To prepare for that I started putting together some thoughts & ideas on the topic, and I even thought I might share this in a post (the one you read right now ;-), not least to, maybe, stimulate a discussio

Dear readers, As you may have already noticed, Cisco released an urgent security advisory describing an IPv6 Neighbor Discovery DoS Vulnerability in several flavors of Cisco’s operating systems. Currently IOS-XR, XE and NX-OS are affected while ASA and “classic” IOS are under investigation. At first glance, it might look like yet another IPv6 DoS vulnerabili

In November 2014, after quite some controversy in the IETF OPSEC working group (for those interested look at the archives), the Informational RFC 7404 “Using Only Link-Local Addressing inside an IPv6 Network” was published. It is authored by Michael Behringer and Eric Vyncke and discusses the advantages & disadvantages of an approach using &#

Christopher Werny leads the network security team for ERNW and since 2005 he is involved in numerous IPv6 projects where he is responsible for planning, implementation and troubleshooting existing projects. The first topic he approached was “How to build a conference WLAN Network in General”. The very first suggestion was to put it to the 5GHz channel becaus

Fernando Gont, who is specializing in the field of communications protocols security, gave a talk during this year’s Troopers IPv6 summit. He spoke about network reconnaissance techniques in IPv6 area and presented a brand new set of tools for this purpose. Comparing with methods for IPv4, reconnaissance techniques for IPv6 should be different. It off

Right now, I’m in Buenos Aires for IETF95 where, amongst others, an Internet-Draft authored by Eric Vyncke, Antonios Atlasis and myself will be presented (and hopefully discussed) in two working groups. In the following I want to quickly lay out why we think this is an important contribution. As some of you may remember about two years ago we started

Jasper Bongertz is a Senior Technical Consultant at Airbus Defence and Space CyberSecurity. He is focusing on IT security, Incident Response and Network Forensics. During the IPv6 summit on Troopers16 he had given a talk on anonymization IPv6 in PCAPs and presented his new tool. Sometimes you need to share your packet capture files (PCAPs), but distributing

A talk about DirectAccess (an IPv6-only VPN solution) was given by our colleague Ali Hardudi during IPv6 summit. Ali has recently finished his master thesis on this topic. The DirectAccess VPN technology was introduced by Microsoft starting from Windows server 2008. It allows users remotely, seamlessly and securely connect to their internal network resource

One of the benefits of the next-generation Internet protocol known as IPv6 is the enhanced privacy it offers over its IPv4 predecessor. With a staggering 2128 (or about 3.4×1038) theoretical addresses available, its IP pool is immune to the types of systematic scans that criminal hackers and researchers routinely perform to locate vulnerable devices and netw

Evil Foca is a network attack toolkit for penetration testing professionals and security auditors whose purpose it is to test security in IPv4 and IPv6 data networks.The software automatically scans the networks and identifies all devices and their respective network interfaces, specifying their IPv4 and IPv6 addresses as well as the physical addresses throu

Remember how, a decade ago, we told you that the Internet was running out of IPv4 addresses? Well, it took a while, but that day is here now: Asia, Europe, and Latin America have been parceling out scraps for a year or more, and now the ARIN wait list is here for the US, Canada, and numerous North Atlantic and Caribbean islands. Only organizations in Africa

 IPv4 Exhaustion: The North America ran out of IPv4 addresses and according to the ARIN it has officially exhausted its supply of IPv4 addresses. The news of the day is that North America ran out of IPv4 addresses and according to The American Registry for Internet Numbers (ARIN) it has officially exhausted its supply of IPv