In 2011, we saw the first IPv6 attacks on production networks. As more traffic is transported by IPv6 we can expect more attacks. There are risks right now you should be considering, regardless of whether you have started the transition to IPv6.
You should know most providers have enabled IPv6 in some capacity (often as a default option), so even if you have not started your transition, you likely have it in your network in some fashion. Be mindful your IPv4 only routers and switches in your network are often "blind" to IPv6 attacks hidden in IPv4 traffic.
To get a better understanding of the IPv6 activity going on in your network, you should identify and try to take a closer look at any encapsulated packets in your network. You can also deploy IPv6 enabled devices and see what kind of traffic they get, such as broadcasts from other IPv6 devices and multi-cast sweeps with IPv6 data in it.
The key is to start planning for the transition (if you have not already) to understand the impacts on your network, applications and services and proactively reduce any risks. To smooth the evolution to IPv6 and protect your network the following three common transition traps should be avoided:
1. Assuming Your Security Posture Will Remain the Same Over IPv6 As Over IPv4.
The same attack can present itself differently when running over IPv4 versus IPv6. As when delivered over IPv6, leaving your network and information assets vulnerable.
2. Assuming Your Applications Will Immediately Behave the Same Over IPv6 as Over IPv4.
The change to a new underlying network protocol has far reaching implications; many applications have IP addresses embedded within them, and there are no existing standards for how they should handle this. As a result, applications often widely vary in terms of function, security, and scalability when they go from one transport protocol to the other.
3. Assuming Your Regular Development Processes Will Be Enough.
If you are developing new products, applications and services, you need to be mindful of how IPv6 will impact your functionality and security. When trying to determine what will happen at the system level, as you perform QA testing, it's critical to include security (sending abnormal and unexpected inputs) and scale tests to identify how the device will handle them.
For more information read Sarah’s article Preparing for the IPv6 Evolution and Security Implications.
Sarah Sorensen
ssorensen@acgresearch.net
www.acgresearch.net