Is the Internet really a safe place when ignoring IPv6?
A recent DHS report analyzed only IPv4 threats and mitigations. Is it enough?
By Eric Vyncke on Fri, 08/28/09 - 7:58am.Today, I had a great read: a 114-page report from the US Department of Home Security (http://www.it-scc.org/documents/IT_Sector_Risk_Assessment_Report_Final.pdf). This report claims that the Internet infrastructure is well secured and is resilient against attacks. This report is well written and covers notably how the DNS infrastructure is protected (by anycast servers and other mechanisms).
Nevertheless, I have a severe issue with this document: IPv6 is only mentionned 4 times (and twice in footnote). How can someone claim that the Internet is secure if the analysis was done only for the legacy IPv4 Internet? There will be (or perhaps have been) IPv6 DoS attacks, NOG and servers are not always prepared to fight against those attacks (especially when there is no anti-DOS devices for IPv6 AFAIK)...
- About IPv6 Security
- Eric Vyncke works as a Distinguished Consulting Engineer for Cisco. Eric wrote the security section of Networks: Internet, Telephony, Multimedia: Convergences and Complementarities (Springler Verlag, 2003), and has a Master Degree in Computer Science Engineering from the University of Liège. Eric has also co-authored several books on LAN security including his latest, IPv6 Security. IPv6 Security has been selected as the Cisco Subnet June book giveaway. Entry forms for the monthly book giveaway can be found on the Cisco Subnet home page. Read a chapter excerpt of IPv6 Security hosted exclusively by Cisco Subnet.
Most Discussed Posts
-
Network World, Inc
The Connected Enterprise