Ongoing work at the IETF on TCP and IP security Fernando Gont project carried out on behalf of UK CPNI HACK.LU 09 Conference October 28-30, 2009. Luxembourg.

Slides:

Advertisements

Similar presentations

73rd IETF meeting, November 16-21, 2008

Advertisements

Security Assessment of Neighbor Discovery for IPv6

Routing Routing in an internetwork is the process of directing the transmission of data across two connected networks. Bridges seem to do this function.

Client Server. Server Client Model Servers- Wait for requests from clients - Sends requested data to client - May have to communicate with other servers.

Results of a Security Assessment of the Internet Protocol version 6 (IPv6) Fernando Gont project carried out on behalf of the UK CPNI LACNOG 2010 Sao Paulo,

CCNA1 v3 Module 9 v3 CCNA 1 Module 9 JEOPARDY K. Martin Galo Valencia.

TCP/IP Protocol Suite 1 Chapter 27 Upon completion you will be able to: Next Generation: IPv6 and ICMPv6 Understand the shortcomings of IPv4 Know the IPv6.

1 Ports and IPv6. 2 Ports Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), used for communication Generally speaking, a computer.

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.

Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.

Some random thoughts of IPv6 Marcial White University of Advancing Technology.

Security Assessment of the Internet Protocol version 4 (IPv4) draft-ietf-opsec-ip-security Fernando Gont project carried out on behalf of UK CPNI 76th.

Some insights about the recent TCP DoS (Denial of Service) vulnerabilities Fernando Gont project carried out on behalf of UK CPNI HACK.LU 09 Conference.

An Overview of IPv6 Transition/Co-existence Technologies Fernando Gont UTN/FRH LACNOG 2010 Sao Paulo, Brazil, October 19-22, 2010.

Mitigating Teredo Routing Loop Attacks (draft-gont-6man-teredo-loops-00 ) Fernando Gont on behalf of UK CPNI IETF 79 November 7-12, Beijing, China.

Security implications of Network Address Translators (NATs) (draft-gont-behave-nat-security) Fernando Gont Pyda Srisuresh UTN/FRH EMC Corporation 76th.

Results of a security assessment of the TCP and IP protocols and common implementation strategies Fernando Gont project carried out on behalf of UK CPNI.

Ongoing work at the IETF on TCP and IP security Fernando Gont project carried out on behalf of UK CPNI HACK.LU 09 Conference October 28-30, Luxembourg.

Port randomization (draft-ietf-tsvwg-port-randomization) Michael Larsen & Fernando Gont 73rd IETF Meeting, November 16-21, 2008 Minneapolis, MN, USA.

IPv6: The Next Generation Internet Dipen Chauhan.

Networked Device Management with SNMP SIA Working Group Presentation ASIS 2014 (Atlanta) SIA SNMP Working Group ASIS

Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.

Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.

UCB Network Address Translation Jean Walrand U.C. Berkeley

Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.

Figure 6-1 Growth pattern of Internet hosts MillionMillionMillionMillion.

BEHAVE BOF (Behavior Engineering for Hindrance AVoidancE) Cullen Jennings Jiri Kuthan.

Dynamic Host Configuration Protocol Engr. Mehran Mamonai.

IPv6, the Protocol of the Future, Today Mathew Harris.

Security Assessment of the Transmission Control Protocol (TCP) (draft-ietf-tcpm-tcp-security-02.txt) Fernando Gont project carried out on behalf of UK.

Internet A simple introduction 黃韻文申逸慈.

1 IPv6 for the Network Edge Steve Deering March 20, 2000.

FUTURE INTERNET: PROPOSAL “PROBLEMS IN CURRENT INTERNET” M S Siddiqui [ID ] Networking LAB, KHU

Lesson 2 – IP Addressing IP Address (IPv4 – Version 4) Private and Public Address Brief Introduction to IPv6 – Version 6.

1 Computer Communication & Networks Lecture 19 Network Layer: IP and Address Mapping Waleed Ejaz.

Security Issues Relating to Massive Multiplayer Online Games.

Internet Infrastructure Mapping the World Wide Web.

CITA 310 Section 3 Additional Topics. Common IPv4 Classes ClassFirst numberSubnet maskNumber of networks Number of addresses Class A0 – ,777,216.

Computer Networks & FirewallsUniversity IT Security Office - Tom Davis, CISSP University IT Security Officer Office of the Vice.

1 3gpp_trans/ / IPv6 Transition Solutions for 3GPP Networks draft-wiljakka-3gpp-ipv6-transition-00.txt Juha Wiljakka,

DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris.

Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Kittiphan Techakittiroj (25/06/59 19:10 น. 25/06/59 19:10 น. 25/06/59 19:10 น.) Network Address Translation Kittiphan Techakittiroj

Network Address Translation Sandip Chakraborty. NAT PRIVATE NETWORK PUBLIC NETWORK IP: Port: 8123 IP: Port: 9678 IP:

Course Syllabus  Text Book: B. A. Forouzan, “ TCP/IP Protocol Suite ”, 3rd. ed., McGraw-Hill, 2005  Instructor 張軒彬, Office Number:

Security Implications of Predictable Fragment Identification Values

Goodbye IPv4…. Why the change? IPv4 – 1980’sIPv6 – 2000’s.

Security Implications of IPv6 on IPv4 Networks

IPv6 for the Network Edge

IP Adressing in IPv4 By Kenneth Lundby.

Lionel Morand DHCP options for PAA Lionel Morand

Why IPv6 now? Mathieu Goutelle (CNRS/UREC)

76th IETF meeting, November 8-13, 2009

DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers

ND-Shield: Protecting against Neighbor Discovery Attacks

TCP for DNS security considerations

November 7-12, Beijing,China.

Unit – 2 TCP.

ECN Experimentation draft-black-ecn-experimentation

NAT (Network Address Translation)‏

Networks and the Internet

Network Models CCNA Instructor Training Course October 12-17, 2009

project carried out on behalf of

Protocol Application TCP/IP Layer Model

IPv4 Addressing By, Ishivinder Singh( ) Sharan Patil ( )

Review of Internet Protocols Network Layer

IPv6 Current version of the Internet Protocol is Version 4 (v4)

M. Boucadair, J. Touch, P. Levis and R. Penno

Presentation transcript:

Ongoing work at the IETF on TCP and IP security Fernando Gont project carried out on behalf of UK CPNI HACK.LU 09 Conference October 28-30, Luxembourg

TCP security “Security Assessment of the Transmission Control Protocol (TCP)”  Already adopted by the IETF (TCPM WG)   Based on: assessment-TCP.pdfhttp:// assessment-TCP.pdf  Join TCPM at:

IP security “Security Assessment of the Internet Protocol version 4 (IPv4)”  Already adopted by the IETF (OPSEC WG)   Based on:  Join OPSEC WG at:

NAT security “Security implications of Network Address Translators (NATs)”  Not yet adopted by the IETF   Join BEHAVE WG at:

Shameless plugin: IPv6 security Currently working on a security assessment of the IPV6 suite Interested in finding people to discuss this stuff. Interested parties drop me an

Fernando Gont