Is the Internet really a safe place when ignoring IPv6?

A recent DHS report analyzed only IPv4 threats and mitigations. Is it enough?

Today, I had a great read: a 114-page report from the US Department of Home Security (http://www.it-scc.org/documents/IT_Sector_Risk_Assessment_Report_Final.pdf). This report claims that the Internet infrastructure is well secured and is resilient against attacks. This report is well written and covers notably how the DNS infrastructure is protected (by anycast servers and other mechanisms). Nevertheless, I have a severe issue with this document: IPv6 is only mentionned 4 times (and twice in footnote). How can someone claim that the Internet is secure if the analysis was done only for the legacy IPv4 Internet? There will be (or perhaps have been) IPv6 DoS attacks, NOG and servers are not always prepared to fight against those attacks (especially when there is no anti-DOS devices for IPv6 AFAIK)...

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.