Security IPv4 vs. IPv6 Is there a difference? Greg Travis Indiana University

Slides:

Advertisements

Similar presentations

IPv6 at NCAR 8/28/2002. Overview What is IPv6? What’s wrong with IPv4? Features of IPv6 IPv6 will soon be available at NCAR How to use IPv6.

Advertisements

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.

IPv6 Keith Wichman. History Based on IPv4 Based on IPv4 Development initiated in 1994 Development initiated in 1994.

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.

IPv6: The Next Generation Internet Protocol CEOS WGISS 18: Beijing, China September 2004 Dave Hartzell Computer Sciences Corp, NASA Ames

Introduction to Dynamic Routing Protocols

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 VLSM and CIDR Routing Protocols and Concepts – Chapter 6.

© N. Ganesan, All rights reserved. Chapter IP Addressing Format.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 VLSM and CIDR Routing Protocols and Concepts – Chapter 6.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

Network Layer4-1 Chapter 4: Network Layer r 4. 1 Introduction r 4.2 Virtual circuit and datagram networks r 4.3 What’s inside a router r 4.4 IP: Internet.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 OSI Network Layer Network Fundamentals – Chapter 5.

CSE5803 Advanced Internet Protocols and Applications (7) Introduction The IP addressing scheme discussed in Chapter 2 are classful and can be summarised.

By Rod Lykins.  Background  Benefits  Security Advantages ◦ Address Space ◦ IPSec  Remaining Security Issues  Conclusion.

A Study of Mobile IP Kunal Ganguly Wichita State University CS843 – Distributed Computing.

1 A Course-End Conclusions and Future Studies Dr. Rocky K. C. Chang 28 November 2005.

Network Architectures Week 3 – OSI and The Internet.

Internet Protocol Security (IPSec)

CS335 Networking & Network Administration Tuesday April 27, 2010.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 OSI Network Layer Network Fundamentals – Chapter 5.

Presentation Title Subtitle Author Copyright © 2002 OPNET Technologies, Inc. TM Introduction to IP and Routing.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Planning the Addressing Structure Working at a Small-to-Medium Business or ISP – Chapter.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing in an Enterprise Network Introducing Routing and Switching in the.

4: Network Layer4a-1 Hierarchical Routing r aggregate routers into regions, “autonomous systems” (AS) r routers in same AS run same routing protocol m.

Interior Gateway Protocol. Introduction An IGP (Interior Gateway Protocol) is a protocol for exchanging routing information between gateways (hosts with.

NATs and UDP Victor Norman CS322 Spring NAPT Suppose we have a router doing NAT: half is the “public side”, IP address ; other half is.

1 CSCI 233 Internet Protocols Class 2 Dave Roberts.

Chapter 6 VLSM and CIDR.

Topic of Presentation IPv6 Presented by: Mahwish Chaudhary Roll No 08TL01.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing in an Enterprise Network Introducing Routing and Switching in the.

ICS 156: Lecture 2 (part 1) Today:  IP addressing  Data link protocols and ARP  Notes about lab.

Design and Development of Web-Based VLSM and CIDR Learning Aplication Adriel Lucas Darwali

CLASSLESS INTER-DOMAIN ROUTING {CIDR} & SUBNETTING PHILLIP LAFLEUR NATHAN GRAMMES JONATHAN BENNETT.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 6: Static Routing Routing and Switching Essentials.

1 IPv4 Depletion and Migration to IPv6 John Curran Chairman American Registry for Internet Numbers (ARIN)

1 IPv6 for the Network Edge Steve Deering March 20, 2000.

Network Layer4-1 Chapter 4: Network Layer r 4. 1 Introduction r 4.2 Virtual circuit and datagram networks r 4.3 What’s inside a router r 4.4 IP: Internet.

Packet switching network Data is divided into packets. Transfer of information as payload in data packets Packets undergo random delays & possible loss.

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 VLSM and CIDR Routing Protocols and Concepts – Chapter 6.

1 Lessons from IPv6 Steven M. Bellovin

Virtual Private Network. VPN In the most basic definition, VPN is a connection which allows 2 computers or networks to communicate with each other across.

IP Internet Protocol Fundamental packet format that computers use to exchange information. Is a set of technical rules that defines how computers communicate.

Compsci 82, Fall Bits and Atoms l How do send a letter? A phone call? A musical recording? An Internet Packet?  I want to watch Iron Man tomorrow.

Ασύρματες και Κινητές Επικοινωνίες Ενότητα # 10: Mobile Network Layer: Mobile IP Διδάσκων: Βασίλειος Σύρης Τμήμα: Πληροφορικής.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Course Introduction.

CPS 82, Fall IETF: Internet Engineering Task Force l “governs” the Internet (according to some)  What does this mean? Who elects the members?

1 Review – The Internet’s Protocol Architecture. Protocols, Internetworking & the Internet 2 Introduction Internet standards Internet standards Layered.

Copyright 1999, S.D. Personick. All Rights Reserved. Telecommunications Networking II Lecture 35 Emerging Protocols Tanenbaum: pp

Computer Science and Engineering Computer System Security CSE 5339/7339 Session 27 November 23, 2004.

Cryptography CSS 329 Lecture 13:SSL.

Lecture 10 Page 1 CS 236 Online SSL and TLS SSL – Secure Socket Layer TLS – Transport Layer Security The common standards for securing network applications.

IP - Internet Protocol No. 1  Seattle Pacific University IP: The Internet Protocol Kevin Bolding Electrical Engineering Seattle Pacific University.

Lecture 10 Page 1 CS 236 Online Encryption and Network Security Cryptography is widely used to protect networks Relies on encryption algorithms and protocols.

Lecture 14 Mobile IP. Mobile IP (or MIP) is an Internet Engineering Task Force (IETF) standard communications protocol that is designed to allow mobile.

Computer Networking 网络课件双语教学模拟实验计算机网络教研室 Department of Computer Networking Application CHAPTER 14 INTERNETWORKING 1 The first section 2 Exercises.

VPN’s Andrew Stormer COSC 356 Fall What is a VPN? Acronym – Virtual Private Network Acronym – Virtual Private Network Connects two or more private.

LESSON Networking Fundamentals Understand IPv4.

IPv6 for the Network Edge

Encryption and Network Security

Key concepts covered in Midterm III

Routing Protocols and Concepts – Chapter 6

Routing Protocols and Concepts – Chapter 6

Routing Protocols and Concepts – Chapter 6

OSI Network Layer Presented By Dr. Waleed Alseat Mutah University.

Chapter 15 - IP: Software To Create A Virtual Network

Internet Protocol version 6 (IPv6)

Presentation transcript:

Security IPv4 vs. IPv6 Is there a difference? Greg Travis Indiana University

In the beginning… The Internet was infinitesimally small, and no one could comprehend its role in the future of society Networks, as they grew, were built and run by benevolent lords The security concern of the time was simply a nuclear war

In the beginning… Security was the concern of the government Cryptography was within the realm of dark projects “Secure” communications were defined by the NSA

The IETF said “let there be Autonomous Systems and routing protocols” and Internet grew and grew The NSF said “let there be commercialization” and the Internet grew and grew and grew Cisco said “let there be e-commerce” and Cisco grew and grew

In 1993 the IETF said “the sky is falling” Current state-of-the-art routers couldn’t hold the entire routing table It was projected that class-B addresses, and eventually all addresses, would be exhausted Creative IETF members said “we can fix things”, but each had his own plan

“If you’re giving away ice-cream, make sure the scoops are small” The IETF said “let there be CIDR” and classless interdomain routing became the efficient way to dole out IP addresses Others in the IETF said “CIDR is nice, but we’re still going to run out of ice-cream” “wouldn’t it be nice to have an astronomical amount of ice-cream, they wondered” Two years later, the IETF invented the equivalent of an astronomical amount of ice- cream: IPv6

Around the same time they were solving the ice-cream problem, the IETF also was dealing with security SSL was standardized - now TCP connections could be encrypted without the user messing around with keys or passphrases Standards were emerging for securing the network at the IP layer (would later be called IPSEC)

The difference between “may” and “must” The IPv6 IETF standard (RFC ) specifies that a full implementation of IPv6 MUST support certain components of IPSEC IPv4, which was defined before IPSEC, MAY support IPSEC In reality, some IPv6 stacks don’t support IPSEC and many IPv4 stacks do. There are no additional security features if IPv6! In fact, IPv4 does have additional required security features (but they’re not used)

IPv6 does have an astronomical number of addresses This does allow for the flexibility to build network topologies which support attribution at the network layer. You can make quite a mess with an astronomical amount of ice-cream.

The argument for IPv6 is to maintain the flexibility of supporting the end-to-end network model. IMHO, it has nothing to do with security

Want to make a network less secure, migrate to IPv6 early