Posts Tagged “Security”

Recommendation for IPv6 Stateful Firewalls

IPv6 provides an address for each node on the Internet. So NAT has no more use for address depletion. NAT also provides some basic security. But NAT as any stateful device can also be the target for DoS attacks. And any NAT device within a network provides an easily exploited opportunity for undetected Man In…

IPv6 restoring End to End connectivity, is it a myth ?

Introduction The IPv6 main drivers for adoption are a large address space which does not require any Network Address Translation (NAT) anymore, a simpler header which should permit a more efficient switching and the Extension headers which allow adding any service at the Network Layer rather than the Transport Layer when needed. A great example…

Secure the IPv6 Network Access with SEcure Neighbor Discovery (SEND, rfc3971 and CGA, rfc3972)

Introduction IPv6 Nodes on the same link use NDP (rfc4861) to discover each other’s presence and link-layer addresses, to find routers, and to maintain reachability information about the paths to active neighbors.  Both hosts and routers use NDP.  Its functions include Neighbor Discovery (ND), Router Discovery (RD), Address Autoconfiguration, Address Resolution, Neighbor Unreachability Detection (NUD), Duplicate…

Go Top