Presentation is loading. Please wait.

Presentation is loading. Please wait.

Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,

Similar presentations


Presentation on theme: "Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,"— Presentation transcript:

1 Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice, and Human Services May 7, 2012

2 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks Problem Description Describe Solution Intended Use Deliverables Demonstration Conclusion Questions 2 Overview

3 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks IPv6 link-local networks Improperly implemented networks Poor hardware IPv6 support Growing number of vulnerabilities Lack of publicly available preconfigured/easy to use IPv6 monitoring solutions 3 Problem

4 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks Preconfigured IDS – Monitor network, send alerts – Ease of use top priority – SecurityOnion, Linux IDS-centric Distro – Snort sensor, OSSEC Web GUI/Notifier Initial quick setup document Primer of known IPv6 Vulnerabilities Reference of proper implementation 4 Solution - Overview

5 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks Popular intrusion detection system CLI based, not easy for casual users Displays alerts, but not always easy to understand No immediate overview of network health 5 Solution – IDS – Snort

6 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks GUI frontend to Snort Easy to view events Reporting capabilities Simple custom alerting alerts Minimal configuration 6 Solution – IDS – OSSEC

7 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks 7 Solution – Diagram

8 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks Small business system/network administrators No dedicated security team No IPv6 considerations internally No time to learn and set up complex integrated systems 8 Intended Use

9 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks Implement Snort/OSSEC on Security Onion VM Create vulnerability triggers for Snort Configure IDS to send detection alerts Configure IDS Web GUI Primer on known vulnerabilities Guide to further resources for implementing IPv6 securely 9 Deliverables

10 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks Vulnerability triggering alert – RH0 amplification attack Snort IPv6 Rules alerts to administrator 10 Demonstration

11 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks IPv6 networks are vulnerable Off the shelf, low cost, configured IPv6 monitoring doesn’t exist Our IDS makes it easy to monitor small networks 11 Conclusion

12 B. Haines / V. Pullano Addressing IPv6 Vulnerabilities on Small Business Networks Questions? 12


Download ppt "Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,"

Similar presentations


Ads by Google