Sunday, December 21, 2008

Command Information Securing, Hacking and Defending IPv6

Last week I had the good fortune to attend Securing, Hacking and Defending IPv6, a class offered by Command Information in Herndon, VA. I've experimented with IPv6, as noted most recently in my May 2007 post Freenet6 on FreeBSD. I thought I knew a decent amount about IPv6, although I recognized a class like this would be helpful.

One word: wow. IPv6 is more complicated than I expected. I only began to realize this as the two Command Information instructors, Joe Klein and TJ Evans, explained what they know about the protocol and how it is used and abused. When IPv6 becomes even moderately deployed, intruders are going to have a field day. The network teams who have been hiding in the shadows of the Web app folks are going to have to step into the light and learn quickly. You can forget any hype about IPv6 bringing "security" when deployed, at least in the short-to-mid-term. The operational realty of designing, building, and running IPv6 networks properly is going to rock everyone's world.

The instructors were the best aspect of the class. They could answer any IPv6 question anyone asked. The overall content needs to be adjusted, but the instructors were very open to feedback. The 3-day class I attended was only the second session taught thus far, so I expect continuous improvement during the next few sessions.

I haven't seen training on this subject anywhere else, by anyone I consider authoritative on the subject. Joe and TJ are helping shape the nature and use of IPv6 in Federal and other locations, and you will learn a lot in this class.


Richard Bejtlich is teaching new classes in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.

5 comments:

Marcus J. Carey said...

Until IPv6 is implemented wide-scale it is hard to determine what will truly be issues in the end. There are many features of IPv6 that are not supported by vendors and most network devices at this point. It will be hard to determine risk until we have everything on the table.

Marcus J. Carey

stretch said...

RFC 4942 also has a great (but not necessarily complete) review of current IPv6 security concerns.

nr said...

Richard, good to know you enjoyed the instructors. I have Joe Klein's card in my stack o' cards because I have the intention of taking some of his IPv6 training when I get the chance and also getting some training for coworkers.

Anonymous said...

I see that there is a book out on this very subject.

IPv6 Security, By Scott Hogg, Eric Vyncke.
http://www.ciscopress.com/bookstore/product.asp?isbn=1587055945

Richard Bejtlich said...

Yes, I am trying to get a copy now. From what I hear Cisco sent people to the first session of this course and "furiously took notes."