Last week, RFC 8021, entitled "Generation of IPv6 Atomic Fragments Considered Harmful" was published. Essentially, this RFC suggests that the infamous IPv6 atomic fragments are a bad idea and should…
One thing that I enjoy a lot is capturing network traffic to subsequently try to figure out whether the captured traffic makes any sense -- you learn a lot that…
The IETF has published a new RFC by Fernando Gont: RFC7739.This RFC analyzes the security and privacy implications of predictable Fragment Identification (ID) values, and proposes a number of algorithms…
We have just published IETF RFC 7610, entitled "DHCPv6-Shield: Protecting against Rogue DHCPv6 Servers". The abstract of the RFC is:This document specifies a mechanism for protecting hosts connected toa switched…
IntroductionMore than ten years ago, Ptacek and Newsham published a seminal paper on network instrusion evasion, entitled "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection", in which they…
Part of the materials used for the DEEPSEC 2011 edition of our "Hacking IPv6 Networks" training are now available on the SI6 Networks web site.The materials can be accessed here.…