RFC7739: Security Implications of Predictable Fragment Identification Values

The IETF has published a new RFC by Fernando Gont: RFC7739.This RFC analyzes the security and privacy implications of predictable Fragment Identification (ID) values, and proposes a number of algorithms…

Continue Reading RFC7739: Security Implications of Predictable Fragment Identification Values

New edition of “Hacking IPv6 Networks v3.0” (May 31 – June 2, 2016 – Stuttgart)

Fernando Gont will be teaching our renowned "Hacking IPv6 Networks v3.0" training course in Germany!Date: May 31 - June 2, 2016Place: Stuttgart, GermanyLearning Objectives:This course will provide the attendee with…

Continue Reading New edition of “Hacking IPv6 Networks v3.0” (May 31 – June 2, 2016 – Stuttgart)

IETF RFC 7610: “DHCPv6-Shield: Protecting against Rogue DHCPv6 Servers”

We have just published IETF RFC 7610, entitled "DHCPv6-Shield: Protecting against Rogue DHCPv6 Servers". The abstract of the RFC is:This document specifies a mechanism for protecting hosts connected toa switched…

Continue Reading IETF RFC 7610: “DHCPv6-Shield: Protecting against Rogue DHCPv6 Servers”

IPv6 NIDS evasion and improvements in IPv6 fragmentation/reassembly

IntroductionMore than ten years ago, Ptacek and Newsham published a seminal paper on network instrusion evasion, entitled "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection", in which they…

Continue Reading IPv6 NIDS evasion and improvements in IPv6 fragmentation/reassembly