SlideShare a Scribd company logo
Joe Klein, CISSP
Cybersecurity Fellow, IPv6 Forum
Consultant, Researcher & Trainer, Longboat, LLC
May 2018
Observations from
the lab, field &
executive suite
1
About me: Joe Klein <many certs>
• Spoken at: DefCon, Black Hat, Torcon, SecTor, Security
Days, Hackers on Planet Earth, SANS, IEEE, IoT,…

• Roles: Photographer, Electronics Engineer, Robotics
Engineer, Entrepreneur, CEO, CTO, CSO, ISP, Security
Architect, Developer, Pentester, Incident Handler, Professor,
Policy Writer, Auditor, Assure, Firewall/Network Engineer,
Integrator, Data Scientist, ML experimenter, Threat Intel,
Computer Scientist, Hacker

• Timeline:
• 70’s: Electronics, Radios, Gamer, Magic, Mainframe &
Micro Computers, First ‘Hack’

• 80’s: BBS’s, Game Hacker, Robots, Unix/c/FORTH/Basic/
COBOL/LISP/c++, DEC, SNA Networks, Internet
connected, CyberForensics, Routers/Switches

• 90’s: ISP, IPv6, Penetrations Testing, Network Defender,
Web Developer, Teaching Internet/Web Dev, IETF

• 2000’s: CSO, Linux, Audits, Assessments, Car/IOT/
Building Controls, SCADA Hacking, Teaching
Cybersecurity + SANS, Patents, International Speaking

• 2010’s: DARPA, Policies, Startup, Honeypots, Deception
Networks, IPv6 Fellow, GoLang, IEEE, Sprint Triathlon

Recent Focus: Attacked Forced Time Scoped D&D
2
How to Prepare To Implement IPv6!
It’s Complex…
3
Observation 1 - Establish your IPv6 Standard for all Procurement!
• Why?
• Establish a baseline of technology standards, during technology refresh
• Ensure you are ready to move to IPv6, without big purchases!
• How?
1. Can the Product vender support IPv6? “Eating their own dog Food!”
• Internet Facing Services (Dual Stack) https://ip6.nl/#
• IPv6 only clients behind 6xlt & NAT64/DNS64 https://nat64check.ipv6-
lab.net/v6score
4
Observation 1 - Establish your IPv6 standard for all Procurement!
• How?
1. The Supplier's Declaration of Conformity (SDOC)
• Product suppliers declare product capabilities to buyers, as advertised
• Buyer is responsible for providing specifications
• Seller is responsible to fix, if it does not meet specifications
• https://www-x.antd.nist.gov/usgv6/sdoc.html
5
IPv6 Standards Touch Every Protocol!
6
What does IPv6 compliant mean to me?
IPv6 Standard 86 (RFC 8200) First Order Dependencies
Current IPv6 Standard
Changes to Path MTU
References from
Newer standards (12)
Updates to
older standards (29)
7
IPv6 Standard 86 (RFC 8200)
First & Second Order Path MTU Dependencies
• October 1989 - Updated - Requirements for Internet Hosts -- Communication Layers
• November 1990 - Path MTU Discovery
• November 1996 - Path MTU Discovery for IP version 6 - Obsoleted by 8201 July 2017
• November 1997 - Key words for use in RFCs to Indicate Requirement Levels
• September 2000 - TCP Problems with Path MTU Discovery
• March 2006 - Datagram Congestion Control Protocol (DCCP)
• March 2006 - Internet Control Message Protocol (ICMPv6) for the Internet Protocol
Version 6 (IPv6) Specification - Obsoletes RFC 2463
• March 2007 - Packetization Layer Path MTU Discovery
• September 2007- Neighbor Discovery for IP version 6 (IPv6)- Obsoletes 2461
• May 2007- Neighbor Discovery for IP version 6 (IPv6)- Obsoletes 2461
• September 2007 - Stream Control Transmission Protocol- Obsoletes 2960. 3309
• December 2007 - Deprecation of Type 0 Routing Headers in IPv6 - Obsoletes 2960
• July 2012 - TCP Options and Maximum Segment Size (MSS)
• March 2015- Network File System (NFS) Version 4 Protocol- Obsoletes 3530
• May 2016- RFC Streams, Headers, and Boilerplates - Obsoletes 5741
• March 2017 - UDP Usage Guideline - Obsoletes 5405
• March 2017 - Path MTU Discovery for IP version 6 - Obsoletes 1981
IPv6 Standard
July 2017
Updates to
older standards (17))8
IPv6 will not solve cybersecurity problems, right?
9
Fundamental of
Cyber Security & Privacy
❖ “Remote-access, multi-user resource- sharing
computer system”
❖ Attackers Exploit
❖ Systems
❖ Hardware|Software|Data
❖ Networks
❖ People
❖ Users
❖ Operators
❖ Systems Programmers
❖ Maintenance Man (Person)
April 1967
Reference: https://www.rand.org/pubs/authors/w/ware_willis_h.html
10
First Cybersecurity
Threats Diagram
Willis H. Ware, RAND Corporation
April 1967
Reference: https://www.rand.org/pubs/authors/w/ware_willis_h.html
11
SO why is this happening?
Technical Supply-Chain Debt —
The real problem!
Technical Debt Powerpoint
12
What Does Winning Defender Look Like?
13
Defender's Dilemma
“The intruder only needs to exploit one of the victims in order to
compromise the enterprise.”
Intruder's Dilemma
“The defender only needs to detect one of the indicators of the intruder’s
presence in order 

to initiate incident response within the enterprise.”
Reference: https://taosecurity.blogspot.com/2009/05/defenders-dilemma-and-intruders-dilemma.html
14
The Intruder Game
Tactic - Technical goal of the intruder
Technique - How intruder achieves the goal
The Intruder Chooses Time and Goal, Not You!
The Defender Choose Confidence level of the Detection!
15
How do I Remove the Noise to Find the Attackers and increase
confidence levels?
Reduce False Positives and Negatives!
16
Defenders Game: ATT&CK: Deconstructs the Lifecycle
Freely available, curated knowledge based on
observed adversary behavior
Higher fidelity on right-of-exploit,
post-access phases
Describes behavior and not adversary tools
Built for the “Public Good”
Right of the Boom!
17
MITRE Pre-ATT&CK
Adversarial Tactics, Techniques & Common Knowledge
• Blacklist IP, Hash Domains are fungible, quickly replaceable
• Pre-compromise activities are largely executed outside the
enterprise’s field of view
• Data Brokers (Free and for pay),
• Websites (Partners, Yours, Government),
• Search Engines and Bots
• Social Network Bots
Left-of-the-Boom
18
MITRE ATT&CK Enterprise
Perimeter Defense
• Items in yellow are the only attributes
detectable by tuned perimeter security

• Items in red, address requirements on hosts
and first hop networks.

• Conclusion: 

• Perimeter security has minimal visibility
into attackers insider your environment

• IT slows the attacker, but this is not
measurable

• Tuning the security perimeter security to
detect and alert on pre & post attack items
are critical to catch attackers.
19
The Defenders Goal
• Strong trusted alerts
• Behavior tracking
• Automated response
20
More Detail?
21
Open Source - MITRE Resources
• Interactive Attack Navigator:
• ATT&CK Enterprise: https://mitre.github.io/attack-navigator/enterprise/
• ATT&CK Mobile: https://mitre.github.io/attack-navigator/mobile/
• Source Code: https://github.com/mitre/attack-navigator
• Attacker Groups: https://attack.mitre.org/pre-attack/index.php/Groups
• Attacker Group Tactics: https://attack.mitre.org/pre-attack/index.php/Tactics
• Unfetter Project - Discover and analyze gaps in your security posture
• https://nsacyber.github.io/unfetter/ https://github.com/unfetter-discover/unfetter
• Caldera - An automated adversary emulation system (validate alerts)
• https://github.com/mitre/caldera
22
I understand there is no way of scanning
the IPv6 Internet, is that true?
23
History of Scanning Internet-Facing
IPv6 Devices
• 2^64 or 2^128 - Brute Force - Fails in IPv6!

• May 2005, Marc “van Huser” Heuse, Attacking the
IPv6 Protocol Suite, THC-IPv6 toolkit (1)

• May 2007, Joe Klein, “Scanning and Microsoft
Mobile compromise via 6to4 on SPRINT”,
Responsible Disclosure Notice to Microsoft, Sprint
and US CERT, HOPE 2008 (2)

• March 2008, IETF, RFC 5157, “IPv6 Implications for
Network Scanning” (3)

• May 2012, NMAP for IPv6, version 6 (4)

• March 2016, IETF, RFC 7707, “Network
Reconnaissance in IPv6 Networks” (5)

• December 2018, Joe Klein, “Outbound Initiated
Requests for Passive Scanning of IPv6” (6)

• December 2018, Joe Klein, “Passive IPv6 Scanning
using Certificate Transparency process” (7)
24
So we are safe? Attackers have not used IPv6 in the past?
25
Attacks on IPv6
26
Microsoft Phones are not on IPv6 in 2007
27
Attacks on IPv6
, First DDOS
, Botnet C&C
28
Are their engineering things I can do, to improved detection and
reduce operational complexity?
29
It’s not just 96 more bits
30
It’s not just 96 more bits
31
How long have systems
been compromise via IPv6?
32
Published 2008
33
The opportunity to re-engineer our part of the
Global Internet only happens once in a lifetime!
Ensure it is operational and security!
34
Joe Klein
jsklein@gmail.com
@joeklein
35

More Related Content

What's hot

Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
veerababu penugonda(Mr-IoT)
 
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Clare Nelson, CISSP, CIPP-E
 
Beginners guide on how to start exploring IoT 2nd session
Beginners  guide on how to start exploring IoT 2nd sessionBeginners  guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd session
veerababu penugonda(Mr-IoT)
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-days
Zoltan Balazs
 
Exfiltrating Data through IoT
Exfiltrating Data through IoTExfiltrating Data through IoT
Exfiltrating Data through IoT
Priyanka Aash
 
Firmware analysis 101
Firmware analysis 101Firmware analysis 101
Firmware analysis 101
veerababu penugonda(Mr-IoT)
 
Malware Analysis
Malware AnalysisMalware Analysis
Malware Analysis
Ramin Farajpour Cami
 
How to assign a CVE to yourself?
How to assign a CVE to yourself?How to assign a CVE to yourself?
How to assign a CVE to yourself?
Ramin Farajpour Cami
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
John Bambenek
 
Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)
Guy Podjarny
 
How to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ DisobeyHow to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ Disobey
Zoltan Balazs
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
SecuRing
 
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
Hacks in Taiwan (HITCON)
 
IOT Exploitation
IOT Exploitation	IOT Exploitation
Shamoon
ShamoonShamoon
Shamoon
Shakacon
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To Noise
Andrew Morris
 
How to be a Hacker (Sut i fod yn Haciwr)
How to be a Hacker (Sut i fod yn Haciwr)How to be a Hacker (Sut i fod yn Haciwr)
How to be a Hacker (Sut i fod yn Haciwr)
Martin Hamilton
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"
Christiaan Beek
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
Christiaan Beek
 

What's hot (19)

Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
 
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
 
Beginners guide on how to start exploring IoT 2nd session
Beginners  guide on how to start exploring IoT 2nd sessionBeginners  guide on how to start exploring IoT 2nd session
Beginners guide on how to start exploring IoT 2nd session
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-days
 
Exfiltrating Data through IoT
Exfiltrating Data through IoTExfiltrating Data through IoT
Exfiltrating Data through IoT
 
Firmware analysis 101
Firmware analysis 101Firmware analysis 101
Firmware analysis 101
 
Malware Analysis
Malware AnalysisMalware Analysis
Malware Analysis
 
How to assign a CVE to yourself?
How to assign a CVE to yourself?How to assign a CVE to yourself?
How to assign a CVE to yourself?
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
 
Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)
 
How to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ DisobeyHow to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ Disobey
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
 
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
 
IOT Exploitation
IOT Exploitation	IOT Exploitation
IOT Exploitation
 
Shamoon
ShamoonShamoon
Shamoon
 
GreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To NoiseGreyNoise - Lowering Signal To Noise
GreyNoise - Lowering Signal To Noise
 
How to be a Hacker (Sut i fod yn Haciwr)
How to be a Hacker (Sut i fod yn Haciwr)How to be a Hacker (Sut i fod yn Haciwr)
How to be a Hacker (Sut i fod yn Haciwr)
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 

Similar to IPv6 Security Talk mit Joe Klein

Soc analyst course content v3
Soc analyst course content v3Soc analyst course content v3
Soc analyst course content v3
ShivamSharma909
 
Soc analyst course content
Soc analyst course contentSoc analyst course content
Soc analyst course content
ShivamSharma909
 
Securing your Cloud Environment v2
Securing your Cloud Environment v2Securing your Cloud Environment v2
Securing your Cloud Environment v2
ShapeBlue
 
Introduction to web security @ confess 2012
Introduction to web security @ confess 2012Introduction to web security @ confess 2012
Introduction to web security @ confess 2012
jakobkorherr
 
Offensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaOffensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agenda
ShivamSharma909
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
InfosecTrain
 
Offensive cyber security engineer
Offensive cyber security engineerOffensive cyber security engineer
Offensive cyber security engineer
ShivamSharma909
 
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
Santhosh Kumar
 
Nomura UCCSC 2009
Nomura UCCSC 2009Nomura UCCSC 2009
Nomura UCCSC 2009
dnomura
 
Luiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchLuiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitch
Yury Chemerkin
 
G3t R00t at IUT
G3t R00t at IUTG3t R00t at IUT
G3t R00t at IUT
Nahidul Kibria
 
Open Source & Cybersecurity
Open Source & CybersecurityOpen Source & Cybersecurity
Open Source & Cybersecurity
Fathi Kamil Mohad Zainuddin
 
Securing your Cloud Environment
Securing your Cloud EnvironmentSecuring your Cloud Environment
Securing your Cloud Environment
ShapeBlue
 
Why defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skillWhy defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skill
Ollie Whitehouse
 
Defcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slidesDefcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slides
Marina Krotofil
 
Avast @ Machine Learning
Avast @ Machine LearningAvast @ Machine Learning
Avast @ Machine Learning
Avast
 
Automated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceAutomated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security Intelligence
Jason Choi
 
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud ThreatsBeyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
SBWebinars
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation Track
Priyanka Aash
 
TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS
TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTSTALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS
TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS
Dawn Yankeelov
 

Similar to IPv6 Security Talk mit Joe Klein (20)

Soc analyst course content v3
Soc analyst course content v3Soc analyst course content v3
Soc analyst course content v3
 
Soc analyst course content
Soc analyst course contentSoc analyst course content
Soc analyst course content
 
Securing your Cloud Environment v2
Securing your Cloud Environment v2Securing your Cloud Environment v2
Securing your Cloud Environment v2
 
Introduction to web security @ confess 2012
Introduction to web security @ confess 2012Introduction to web security @ confess 2012
Introduction to web security @ confess 2012
 
Offensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaOffensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agenda
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
 
Offensive cyber security engineer
Offensive cyber security engineerOffensive cyber security engineer
Offensive cyber security engineer
 
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
 
Nomura UCCSC 2009
Nomura UCCSC 2009Nomura UCCSC 2009
Nomura UCCSC 2009
 
Luiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchLuiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitch
 
G3t R00t at IUT
G3t R00t at IUTG3t R00t at IUT
G3t R00t at IUT
 
Open Source & Cybersecurity
Open Source & CybersecurityOpen Source & Cybersecurity
Open Source & Cybersecurity
 
Securing your Cloud Environment
Securing your Cloud EnvironmentSecuring your Cloud Environment
Securing your Cloud Environment
 
Why defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skillWhy defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skill
 
Defcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slidesDefcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slides
 
Avast @ Machine Learning
Avast @ Machine LearningAvast @ Machine Learning
Avast @ Machine Learning
 
Automated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceAutomated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security Intelligence
 
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud ThreatsBeyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation Track
 
TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS
TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTSTALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS
TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTS
 

More from Digicomp Academy AG

Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Digicomp Academy AG
 
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Digicomp Academy AG
 
Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018
Digicomp Academy AG
 
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handoutRoger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Digicomp Academy AG
 
Roger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handoutRoger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handout
Digicomp Academy AG
 
Xing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit xXing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit x
Digicomp Academy AG
 
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Digicomp Academy AG
 
Agiles Management - Wie geht das?
Agiles Management - Wie geht das?Agiles Management - Wie geht das?
Agiles Management - Wie geht das?
Digicomp Academy AG
 
Gewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi OdermattGewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Digicomp Academy AG
 
Querdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING ExpertendialogQuerdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING Expertendialog
Digicomp Academy AG
 
Xing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickelnXing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickeln
Digicomp Academy AG
 
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only BuildingSwiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Digicomp Academy AG
 
UX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital BusinessUX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital Business
Digicomp Academy AG
 
Minenfeld IPv6
Minenfeld IPv6Minenfeld IPv6
Minenfeld IPv6
Digicomp Academy AG
 
Was ist design thinking
Was ist design thinkingWas ist design thinking
Was ist design thinking
Digicomp Academy AG
 
Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich
Digicomp Academy AG
 
Xing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)CommerceXing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Digicomp Academy AG
 
Zahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloudZahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloud
Digicomp Academy AG
 
General data protection regulation-slides
General data protection regulation-slidesGeneral data protection regulation-slides
General data protection regulation-slides
Digicomp Academy AG
 
Möglichkeiten der Online-Werbung - Referat von Matteo Schürch
Möglichkeiten der Online-Werbung - Referat von Matteo SchürchMöglichkeiten der Online-Werbung - Referat von Matteo Schürch
Möglichkeiten der Online-Werbung - Referat von Matteo Schürch
Digicomp Academy AG
 

More from Digicomp Academy AG (20)

Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
 
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
 
Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018
 
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handoutRoger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
 
Roger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handoutRoger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handout
 
Xing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit xXing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit x
 
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
 
Agiles Management - Wie geht das?
Agiles Management - Wie geht das?Agiles Management - Wie geht das?
Agiles Management - Wie geht das?
 
Gewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi OdermattGewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
 
Querdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING ExpertendialogQuerdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING Expertendialog
 
Xing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickelnXing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickeln
 
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only BuildingSwiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
 
UX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital BusinessUX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital Business
 
Minenfeld IPv6
Minenfeld IPv6Minenfeld IPv6
Minenfeld IPv6
 
Was ist design thinking
Was ist design thinkingWas ist design thinking
Was ist design thinking
 
Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich
 
Xing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)CommerceXing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)Commerce
 
Zahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloudZahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloud
 
General data protection regulation-slides
General data protection regulation-slidesGeneral data protection regulation-slides
General data protection regulation-slides
 
Möglichkeiten der Online-Werbung - Referat von Matteo Schürch
Möglichkeiten der Online-Werbung - Referat von Matteo SchürchMöglichkeiten der Online-Werbung - Referat von Matteo Schürch
Möglichkeiten der Online-Werbung - Referat von Matteo Schürch
 

Recently uploaded

7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
Danica Gill
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
SEO Article Boost
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
Trending Blogers
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Brad Spiegel Macon GA
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
ukwwuq
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Florence Consulting
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
cuobya
 

Recently uploaded (20)

7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
 

IPv6 Security Talk mit Joe Klein

  • 1. Joe Klein, CISSP Cybersecurity Fellow, IPv6 Forum Consultant, Researcher & Trainer, Longboat, LLC May 2018 Observations from the lab, field & executive suite 1
  • 2. About me: Joe Klein <many certs> • Spoken at: DefCon, Black Hat, Torcon, SecTor, Security Days, Hackers on Planet Earth, SANS, IEEE, IoT,… • Roles: Photographer, Electronics Engineer, Robotics Engineer, Entrepreneur, CEO, CTO, CSO, ISP, Security Architect, Developer, Pentester, Incident Handler, Professor, Policy Writer, Auditor, Assure, Firewall/Network Engineer, Integrator, Data Scientist, ML experimenter, Threat Intel, Computer Scientist, Hacker • Timeline: • 70’s: Electronics, Radios, Gamer, Magic, Mainframe & Micro Computers, First ‘Hack’ • 80’s: BBS’s, Game Hacker, Robots, Unix/c/FORTH/Basic/ COBOL/LISP/c++, DEC, SNA Networks, Internet connected, CyberForensics, Routers/Switches • 90’s: ISP, IPv6, Penetrations Testing, Network Defender, Web Developer, Teaching Internet/Web Dev, IETF • 2000’s: CSO, Linux, Audits, Assessments, Car/IOT/ Building Controls, SCADA Hacking, Teaching Cybersecurity + SANS, Patents, International Speaking • 2010’s: DARPA, Policies, Startup, Honeypots, Deception Networks, IPv6 Fellow, GoLang, IEEE, Sprint Triathlon Recent Focus: Attacked Forced Time Scoped D&D 2
  • 3. How to Prepare To Implement IPv6! It’s Complex… 3
  • 4. Observation 1 - Establish your IPv6 Standard for all Procurement! • Why? • Establish a baseline of technology standards, during technology refresh • Ensure you are ready to move to IPv6, without big purchases! • How? 1. Can the Product vender support IPv6? “Eating their own dog Food!” • Internet Facing Services (Dual Stack) https://ip6.nl/# • IPv6 only clients behind 6xlt & NAT64/DNS64 https://nat64check.ipv6- lab.net/v6score 4
  • 5. Observation 1 - Establish your IPv6 standard for all Procurement! • How? 1. The Supplier's Declaration of Conformity (SDOC) • Product suppliers declare product capabilities to buyers, as advertised • Buyer is responsible for providing specifications • Seller is responsible to fix, if it does not meet specifications • https://www-x.antd.nist.gov/usgv6/sdoc.html 5
  • 6. IPv6 Standards Touch Every Protocol! 6
  • 7. What does IPv6 compliant mean to me? IPv6 Standard 86 (RFC 8200) First Order Dependencies Current IPv6 Standard Changes to Path MTU References from Newer standards (12) Updates to older standards (29) 7
  • 8. IPv6 Standard 86 (RFC 8200) First & Second Order Path MTU Dependencies • October 1989 - Updated - Requirements for Internet Hosts -- Communication Layers • November 1990 - Path MTU Discovery • November 1996 - Path MTU Discovery for IP version 6 - Obsoleted by 8201 July 2017 • November 1997 - Key words for use in RFCs to Indicate Requirement Levels • September 2000 - TCP Problems with Path MTU Discovery • March 2006 - Datagram Congestion Control Protocol (DCCP) • March 2006 - Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification - Obsoletes RFC 2463 • March 2007 - Packetization Layer Path MTU Discovery • September 2007- Neighbor Discovery for IP version 6 (IPv6)- Obsoletes 2461 • May 2007- Neighbor Discovery for IP version 6 (IPv6)- Obsoletes 2461 • September 2007 - Stream Control Transmission Protocol- Obsoletes 2960. 3309 • December 2007 - Deprecation of Type 0 Routing Headers in IPv6 - Obsoletes 2960 • July 2012 - TCP Options and Maximum Segment Size (MSS) • March 2015- Network File System (NFS) Version 4 Protocol- Obsoletes 3530 • May 2016- RFC Streams, Headers, and Boilerplates - Obsoletes 5741 • March 2017 - UDP Usage Guideline - Obsoletes 5405 • March 2017 - Path MTU Discovery for IP version 6 - Obsoletes 1981 IPv6 Standard July 2017 Updates to older standards (17))8
  • 9. IPv6 will not solve cybersecurity problems, right? 9
  • 10. Fundamental of Cyber Security & Privacy ❖ “Remote-access, multi-user resource- sharing computer system” ❖ Attackers Exploit ❖ Systems ❖ Hardware|Software|Data ❖ Networks ❖ People ❖ Users ❖ Operators ❖ Systems Programmers ❖ Maintenance Man (Person) April 1967 Reference: https://www.rand.org/pubs/authors/w/ware_willis_h.html 10
  • 11. First Cybersecurity Threats Diagram Willis H. Ware, RAND Corporation April 1967 Reference: https://www.rand.org/pubs/authors/w/ware_willis_h.html 11
  • 12. SO why is this happening? Technical Supply-Chain Debt — The real problem! Technical Debt Powerpoint 12
  • 13. What Does Winning Defender Look Like? 13
  • 14. Defender's Dilemma “The intruder only needs to exploit one of the victims in order to compromise the enterprise.” Intruder's Dilemma “The defender only needs to detect one of the indicators of the intruder’s presence in order to initiate incident response within the enterprise.” Reference: https://taosecurity.blogspot.com/2009/05/defenders-dilemma-and-intruders-dilemma.html 14
  • 15. The Intruder Game Tactic - Technical goal of the intruder Technique - How intruder achieves the goal The Intruder Chooses Time and Goal, Not You! The Defender Choose Confidence level of the Detection! 15
  • 16. How do I Remove the Noise to Find the Attackers and increase confidence levels? Reduce False Positives and Negatives! 16
  • 17. Defenders Game: ATT&CK: Deconstructs the Lifecycle Freely available, curated knowledge based on observed adversary behavior Higher fidelity on right-of-exploit, post-access phases Describes behavior and not adversary tools Built for the “Public Good” Right of the Boom! 17
  • 18. MITRE Pre-ATT&CK Adversarial Tactics, Techniques & Common Knowledge • Blacklist IP, Hash Domains are fungible, quickly replaceable • Pre-compromise activities are largely executed outside the enterprise’s field of view • Data Brokers (Free and for pay), • Websites (Partners, Yours, Government), • Search Engines and Bots • Social Network Bots Left-of-the-Boom 18
  • 19. MITRE ATT&CK Enterprise Perimeter Defense • Items in yellow are the only attributes detectable by tuned perimeter security • Items in red, address requirements on hosts and first hop networks. • Conclusion: • Perimeter security has minimal visibility into attackers insider your environment • IT slows the attacker, but this is not measurable • Tuning the security perimeter security to detect and alert on pre & post attack items are critical to catch attackers. 19
  • 20. The Defenders Goal • Strong trusted alerts • Behavior tracking • Automated response 20
  • 22. Open Source - MITRE Resources • Interactive Attack Navigator: • ATT&CK Enterprise: https://mitre.github.io/attack-navigator/enterprise/ • ATT&CK Mobile: https://mitre.github.io/attack-navigator/mobile/ • Source Code: https://github.com/mitre/attack-navigator • Attacker Groups: https://attack.mitre.org/pre-attack/index.php/Groups • Attacker Group Tactics: https://attack.mitre.org/pre-attack/index.php/Tactics • Unfetter Project - Discover and analyze gaps in your security posture • https://nsacyber.github.io/unfetter/ https://github.com/unfetter-discover/unfetter • Caldera - An automated adversary emulation system (validate alerts) • https://github.com/mitre/caldera 22
  • 23. I understand there is no way of scanning the IPv6 Internet, is that true? 23
  • 24. History of Scanning Internet-Facing IPv6 Devices • 2^64 or 2^128 - Brute Force - Fails in IPv6! • May 2005, Marc “van Huser” Heuse, Attacking the IPv6 Protocol Suite, THC-IPv6 toolkit (1) • May 2007, Joe Klein, “Scanning and Microsoft Mobile compromise via 6to4 on SPRINT”, Responsible Disclosure Notice to Microsoft, Sprint and US CERT, HOPE 2008 (2) • March 2008, IETF, RFC 5157, “IPv6 Implications for Network Scanning” (3) • May 2012, NMAP for IPv6, version 6 (4) • March 2016, IETF, RFC 7707, “Network Reconnaissance in IPv6 Networks” (5) • December 2018, Joe Klein, “Outbound Initiated Requests for Passive Scanning of IPv6” (6) • December 2018, Joe Klein, “Passive IPv6 Scanning using Certificate Transparency process” (7) 24
  • 25. So we are safe? Attackers have not used IPv6 in the past? 25
  • 27. Microsoft Phones are not on IPv6 in 2007 27
  • 28. Attacks on IPv6 , First DDOS , Botnet C&C 28
  • 29. Are their engineering things I can do, to improved detection and reduce operational complexity? 29
  • 30. It’s not just 96 more bits 30
  • 31. It’s not just 96 more bits 31
  • 32. How long have systems been compromise via IPv6? 32
  • 34. The opportunity to re-engineer our part of the Global Internet only happens once in a lifetime! Ensure it is operational and security! 34