6sense - Generating New Possibilities in the New Internet.

6Sense Home

JANUARY 2007

Volume 4 Number 1
Intro
by Alex Lightman, Publisher
Alex Lightman

We are just two months away from the first ever joint US IPv6 Summit and Coalition Summit for IPv6. We have a stellar speaker lineup this year, with many of the most powerful voices in the IPv6 landscape, including Major General Dennis C. Moran, Vice Director for Command, Control, Communications, and Computer Systems (J6), OJCS; Rep. Robert Goodlatte, Co-Chairman, Congressional Internet Caucus; and Lt. General James Soligan, Deputy Commander, NATO Allied Command Transformation. Please join us March 26th-29th, 2007 at the Hyatt Regency in Reston, VA, for an eye-opening look into both domestic and International IPv6 strategies, transition plans, applications and developing technologies. Early Bird prices are still in effect -- to register now, go to http://www.usipv6.com.

This issue of 6Sense has a special focus on both security and consumer electronics trends in IPv6.

In this January, 2007 issue of 6Sense:

  • Steve Bellovin and Angelos Keromytis of Columbia University, and Bill Cheswick, the co-founder of Lumeta, offer a provocative look at the propagation of worms in an IPv6 network -- and why we cannot rest on the laurels of inherent IPv6 security.
  • Adam Stein of MU Security provides an insightful discussion regarding the "attack surfaces" of IPv6 networks and what can be done to reduce major risk factors.
  • Chris Harz of IPv6 Summit, Inc. reports on the latest consumer electronics trends at the CES 2007 show, and what implications they may have for IPv6 products and services.

Please note that 6Sense welcomes submissions from anyone who wants to contribute to the creation and strengthening of the IPv6 industry and international IPv6 community. We invite you to share your unique insights with our readers.

We hope that you enjoy this issue, and will join us in furthering the vision of an expanding IPv6 future this March.

Respectfully,
Alex Lightman Signature
Alex Lightman
Publisher, 6Sense Newsletter
CEO, Innofone.com, Inc.
"The largest and fastest growing IPv6 pure-play"

 

Worm Propagation Strategies in an IPv6 Internet
By Steve Bellovin - Professor of Computer Science, Columbia University
Bill Cheswick – Co-Founder of Lumeta and private consultant
Angelos Keromytis - Associate professor of Computer Science at Columbia University
Steve Bellovin
Bill Cheswick
Angelos Keromytis

In recent years, the Internet has been plagued by a number of worms. One popular mechanism that worms use to detect vulnerable targets is random IP address-space probing. This is feasible in the current Internet due to the use of 32-bit addresses, which allow fast-operating worms to scan the entire address space in a matter of a few hours. The question has arisen whether or not their spread will be affected by the deployment of IPv6. In particular, it has been suggested that the 128-bit IPv6 address space (relative to the current 32-bit IPv4 address space) will make life harder for the worm writers: assuming that the total number of hosts on the Internet does not suddenly increase by a similar factor, the work factor for finding a target in an IPv6 Internet will increase by approximately 296, rendering random scanning seemingly prohibitively expensive.

Some worms, such as Melissa, spread by email. These worms will not be affected by the adoption of IPv6; though the space of possible email addresses is vast, these worms typically consult databases such as Microsoft Outlook's address book.

On the other hand, life will indeed be harder for address-space scanners, such as Code Red and Slammer. Clever heuristics can cut the search space dramatically. More specifically, multi-level searching and spreading techniques can negate the defender's advantage. However, the code size required for worms will increase, which may help prevent Slammer-like attacks. This has created the impression that an IPv6 Internet would be impervious to similar kinds of worms.

In the past, there have been two forms of address-space scans. Some worms use a uniformly distributed random number generator to select new target addresses. This strategy is indeed unlikely to succeed in an IPv6 world. Other worms preferentially spread locally, by biasing the search space toward addresses within the same network or subnet. This will be a more successful strategy, though at first glance the 80-bit local space (nearly twice Avogadro’s number!) would seem to be a formidable obstacle. We observe that certain strategies can improve the attacker’s odds. In particular, by taking advantage of local knowledge and patterns in address-space assignment, the attack program can cut the search space considerably.

READ ENTIRE ARTICLE

 
Security Analysis of IPv6 Networks
By Adam Stein
Mu Security, Vice President of Marketing
Adam Stein
Mu Security

Many manufacturers, government bureaus, Department of Defense critical assets and infrastructure agencies are converting proprietary systems to IP-based networks. This transition from homogenous IPv4 networks or SCADA networks to mixed IPv4 and IPv6 networks exposes much larger possible attack surfaces. The attack surface becomes more complex with diverse IT Systems, SCADA Control Systems, weapon platforms, or combat systems. Additionally, previous software bugs once isolated in proprietary networks expand to become exploitable vulnerabilities once exposed to an open IP network. This problem requires a methodical and repeatable analysis, including a Security Analyzer system to document and isolate vulnerabilities before they are exploited.

As a new protocol stack, IPv6 leverages vulnerabilities similar to those in IPv4 as well as others unique to IPv6. Being first to market with a security analysis system capable of evaluating IPv4 and/or IPv6 is a significant advantage for any vulnerability assessment, penetration testing and fuzzing products. As IPv6 becomes a requirement for government infrastructure in 2008 and a core part of Microsoft's Vista operating system, the market opportunities for Security Analyzers grows exponentially. Security Analyzers offer three immediate benefits to IPv6 systems and applications:

  • Problem: Structural issues with many type-length-value extension headers may be exploitable in IPv6.
  • Using Security Analyzers: Rapid identification and detailed auditing of IPv6 weaknesses prior to malicious exploits.
  • Problem: Fragmentation support in IPv6 opens up potential attack vectors.
  • Using Security Analyzers: Identification of both IPv4 and IPv6 fragment attacks.
  • Problem: IPv6 addresses contain many more semantics and a wider range of accepted variations than those of IPv4.
  • Using Security Analyzers: Automates parsing structurally valid addressing in proper context through either multicast or unicast transport.

READ ENTIRE ARTICLE

 
CES 2007: Geeks, Gadgets and IPv6
By Christopher Harz
VP of Strategic Planning, IPv6 Summit, Inc.
Christopher Harz
Industrial Revolutions, LLC.

The Consumer Electronics Show (CES) is the largest trade show in America, with over 150,000 visitors and 65 miles of aisles zigzagging around the equivalent of 35 football fields of floor space at the Las Vegas Convention Center, the Sands Convention Center, and various other venues around Las Vegas, Nevada. It is the annual trek to Mecca for anyone interested in consumer electronics, including television sets, car and home stereo systems, cell phones, cameras (both still and video), MP3 players and accessories, and the like.

Besides being a concentrator of what are sometimes called "boy toys," the CES is also an important part of the story of the future of IPv6, of the consumer demands for products and services that will be dramatically better, cheaper or more secure when enabled with IPv6, and which will eventually lead to ubiquitous v6 availability – and profitable ledger numbers for hundreds of existing and startup companies that cater to that demand. Our IPv6 community has mostly discussed the "push" aspect of v6 – what infrastructure IT executives need to provide, and what the technical characteristics of that infrastructure should be – and paid relatively little attention to the "pull" for IPv6 – what popular applications and consumer trends are evolving that could transmogrify the developmental status of v6 from "nice to have" to "must have" – for a mass-consumer audience.

READ ENTIRE ARTICLE

 
v6 Transition Offers IPv6 Support Services
v6 Transition

v6 Transition, a subsidiary of Innofone.com, Inc. offers a wide range of IPv6 support services for your organization. Our team of companies can help you with your IPv6 plans, whether they involve transitioning your network to a v6 configuration or developing and financing products or services for the upcoming market boom precipitated by the New Internet.

MORE INFO
PRODUCED BY:
IPv6 Summit, Inc.
CONTENTS

Publisher's Intro

Worm Propagation Strategies in an IPv6 Internet
Steve Bellovin, Bill Cheswick, and Angelos Keromytis

Security Analysis of IPv6 Networks
Adam Stein
Mu Security

CES 2007: Geeks, Gadgets and IPv6
Christopher Harz
IPv6 Summit, Inc

v6 Transition Offers IPv6 Support Services
FEEDBACK

Send us feedback about 6Sense articles

UPCOMING EVENTS:

US IPv6 Summit 2007

United States IPv6 Summit
Reston, Virginia

March 27-28, 2007

Click here for more info.

Coalition Summit Logo

Coalition Summit for IPv6
Reston, Virginia

March 28-29, 2007

Click here for more info.

COALITION SUMMIT FOR IPv6 2007
and
UNITED STATES IPv6 SUMMIT 2007
GRAND SPONSOR:

Cisco Systems, Inc.

OPNET

Foundry Networks

GOLD SPONSORS:

NTT Communications, Inc.

Green Hills Software, Inc.

Verizon Business

Global Crossing

Mu Security

INS

Alcatel-Lucent

Mobile Technology Group

Digital Presence

 
SILVER SPONSORS:

Infoblox
ENDORSED BY:

Microsoft, Inc.

Interactive Television Alliance

Visual Link
MEDIA SPONSORS:

NetworkWorld

CIO Today

Federal Computer Week

All rights reserved. Views expressed here are solely those of the authors and/or their employers and do not necessarily reflect the perspective of IPv6 Summit, Inc.
© 2007 6sense. All Rights Reserved. 6sense Newsletter published by IPv6 Summit, Inc.