Price: $1,699.00

Course Number: 601
Length: 2 Days
College Credits: 13
Print Friendly, PDF & Email

Why choose TONEX for your IPv6 Security training?

IPv6 Security Training provides a framework for IPv6 end-to-end security architecture and implementation issues.

IPv6 security course provides the essential needs in managing a IPv6 network audit and vulnerability assessment. It provides a formal framework for finding and eliminating IPv6 network security threats, ensuring that no vulnerabilities are overlooked.

IPv6 Security Training provides guidance for avoiding IPv6 security problems, identifying specific IPv6 security deficiencies, explore IPv6 vunerabilities and exploiting.

IPv6 security class also details what commercial, freeware, and shareware tools are available, how they work, and how to use them. By following the procedures outlined in the course, you can pinpoint what individual parts of your IPv6 network need to be hardened and learn about IPv6 Security best practices.

TONEX’s IPv6 Security Training is certified by the IPv6 Forum

IPv6 Security Training

IPv6 Security Topics Covered:

  • Major security issues faced when upgrading to IPv6 network
  • IPv6 Packet Structures and Vulnerability
  • Issues with IPv6 Packets over IPv4 Networks
  • Issues with Embedding an IPv4 Address in an IPv6 Header
  • IPv6 Forensics
  • IPv6 Security Testing Tools
  • Vulnerability Testing
  • Running Fuzz Testing against IPv6 Devices and Applications
  • IPv6 Attacker Tools
  • IPv6 Security Incidents
  • Sources of Incidents
  • Types of IPv6 Security Incidents
  • Probes
  • Scan
  • Account Compromise
  • Root Compromise
  • Packet Sniffer
  • Denial of Service (DoS) and Distributed DoS (DDoS)
  • Exploitation of Trust in IPv6
  • Malicious Code in IPv6

 

You will also learn about the following topics:

  • IPSec
  • Issues in Layer 2 , Layer 3, Layer 4 and Above
  • Spoofing, Source Routing, Routing Protocols
  • Applications, Network Denial of Service, Denial of Service (DoS) attacks
  • Autoconfiguration
  • Larger Address Space: Reconnaissance
  • Privacy Extensions Address
  • Issues with Extension Headers
  • Fragmentation Issues
  • Transition Mechanisms Issues
  • Dual Stack Issues
  • Tunnels
  • Latent Threat
  • Enforcing a Security Policy
  • IPv6 Internet Security, IPv6 Perimeter Security
  • IPv6 Firewalls, ICMPv6 L2 Vulnerabilities for IPv6, Hardening IPv6 Network Devices
  • Server and Host Security
  • IPv6 Host Security
  • IPsec and SSL Virtual Private Networks
  • Security for IPv6 Mobility
  • Securing the Transition Mechanisms
  • IPv6 Security Monitoring
  • Managing and Monitoring IPv6 Networks
  • Managing IPv6 Tunnels
  • Forensics and Intrusion Detection and Prevention Systems
  • Managing the Security Configuration
  • Changing Security Perimeter
  • Creating an IPv6 Security Policy

 

 

Who Should Attend

Engineers, developers, managers, risk analysts, ethical hackers and anyone else who wants to learn IPv6 security.

Objectives

After attending this course, you will be able to:

  • Understand the basics of IPv6 Security
  • Secure IPv6 networks against threats and attacks
  • Implement security standards and processes to protect your IPv6 network
  • Create a secure IPv6 infrastructure
  • Plan ahead to avoid IPv6 security problems before widespread deployment
  • Identify known areas of weakness in IPv6 security and the current state of attack tools and hacker skills
  • Analyze and react to denial-of-service (DoS) attacks
  • Understand each high-level approach to securing IPv6 and learn when to use each
  • Protect service provider networks, perimeters, LANs, and host/server connections
  • Harden IPv6 network devices against attack
  • Utilize IPsec in IPv6 environments
  • Secure mobile IPv6 networks
  • Secure transition mechanisms in use during the migration from IPv4 to IPv6
  • Monitor IPv6 security
  • Understand the security implications of the IPv6 protocol, including issues related to ICMPv6 and the IPv6 header structure
  • Protect your network against large-scale threats by using perimeter filtering techniques and service provider–focused security practices
  • Understand the vulnerabilities that exist on IPv6 access networks and learn solutions for mitigating each

Outline

Introduction to IPv6

  • IPv6 in a nutshell
  • Comparing IPv4 and IPv6 IPv6 Header Format
  • IPv4 Compatibility
  • IPv6 Operation
  • IPv6 Addressing Architecture
  • ICMPv6 and Neighbor Discovery Protocol
  • Using DNS and DHCP with IPv6
  • Supporting Security and Mobility with IPv6
  • Routing in IPv6 Networks
  • Using IPv6 services
  • IPv6 operation and Architecture
  • Basic transition mechanisms
  • Tunneling protocols create new risks
  • IPv6 autoconfiguration

Introduction to IPv6 Security

  • IPv6 Security Essentials
  • IPv6 Protocol Security Vulnerabilities
  • IPv6 Internet Security
  • IPv6 Perimeter Security
  • Local Network Security
  • Hardening IPv6 Network Devices
  • Server and Host Security
  • IPsec and SSL Virtual Private Networks
  • Security for IPv6 Mobility
  • Securing the Transition Mechanisms
  • Security Monitoring
  • IPv6 Security Conclusions
  • Popular and Famous Attacks
  • Hacker Threats for IPv6
  • Neighbor Discovery
  • DHCPv6
  • Denial of Service
  • Neighbor Spoofing Attack
  • Neighbor Poisoning
  • ICMPv6 Attacks
  • Anycast Threat
  • Hacker Experience
  • IPv6 Security Mitigation Techniques
  • Large-Scale Internet Threats
  • Ingress/Egress Filtering
  • Securing BGP Sessions
  • IPv6 over MPLS Security
  • Prefix Delegation Threats
  • Multihoming Issues
  • IPv6 Perimeter Security
  • IPv6 Firewalls
  • Physical Security
  • Developing Security Policies, Assessments and Procedures
  • IPv6 Security Considerations and Recommendations
  • IPv6 Neighbor Discovery trust models and threats
  • Implementing Security for IPv6, Cisco Documentation
  • Security Implication of Mixed IPv4/IPv6 Network
  • IPv6 end-to-end security
  • Managing privacy extensions
  • IPsec, VPNs, IKE, PKI
  • IPv6 autoconfiguration

IPv6 and IPv4 Threat Comparison

  • Encryption
  • Digital Signatures
  • Public Key Infrastructure (PKI)
  • Dealing with Technology Evolution
  • Network Security Awareness
  • Best-Practice Evaluation
  • Threat Analysis Attacks with New Considerations in IPv6
  • Reconnaissance
  • Unauthorized Access
  • Header Manipulation and Fragmentation
  • Layer 3-Layer 4 Spoofing ARP and DHCP Attacks Broadcast Amplification Attacks (smurf)
  • Routing Attacks
  • Viruses and Worms
  • IPv6 and IPv4 Threat Comparison
  • Translation, Transition, and Tunneling Mechanisms
  • Attacks with Strong IPv4 and IPv6
  • Similarities
  • Sniffing
  • Application Layer Attacks
  • Rogue Devices
  • Man-in-the-Middle Attacks
  • Flooding
  • IPv6 and IPv4 Threat Comparison
  • IPv6 Security Considerations
  • Authorization for Automatically Assigned Addresses and Configurations
  • Protection of IP Packets
  • Host Protection from Scanning and Attacks
  • Control of What Traffic is Exchanged with the Internet
  • Reconnaissance Tools

IPv6 Network Vulnerabilities and Attacks

  • Detailed analysis of IPv6 headers
  • Elimination of NAT
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS)
  • Ethernet LAN Security
  • Frame Relay Network Security: Vulnerabilities and Mitigations
  • ICMP Attacks
  • IPv6 Spoofing
  • ICMP, ICMP Attack, Ping Attack, Smurf Attack, PING Flood, Ping of Death
  • Land Attack
  • Network Security at the Data Link Layer (Layer 2) of LAN
  • Network Security at the Network Layer (Layer 3: IP)
  • Network Security at the Transport Layer (Layer 4: TCP and UDP)
  • Pharming and Anti-pharming Mitigations and Technologies
  • Phishing and Anti-phishing Mitigations and Technologies
  • Port Scan Attack
  • Public-Key or Asymmetric Cryptography
  • RIP Routing Attacks
  • Smurf Attack and Fraggle Attack
  • SPAM and Anti-Spam Technologies
  • Spyware and Anti-Spyware Mitigations and Technologies
  • TCP Connecting Hijacking: MAN-In-The-Middle Attack
  • TCP SYN Attack
  • TCP/IP Network Vulnerability and Security
  • UDP Flood Attack
  • Widely Used Attack Tools
  • Virus and Antivirus Technologies
  • Top Information and Networking Threats

IPSec and IPv6

  • IPsec architecture
  • The Security Policy Database (SPD)
  • Security Association Database (SAD)
  • Peer Authorization Database (PAD)
  • SA and Key Management
  • IP Traffic Processing
  • AH and ESP Headers AH and ESP security protocols
  • Tunnel mode and transport mode
  • Security policy (SP)
  • Selector
  • Security Association (SA), Key exchange protocols
  • Security Protocols
  • AH and ESP
  • Security Parameter Index (SPI)
  • Sequence Number
  • Virtual Private Networks (VPNs)
  • Host-to-Host IPsec
  • Site-to-Site IPsec Configuration
  • Remote Access with IPsec
  • SSL VPNs
  • IP VPN Services
  • Attacking IPsec VPNs
  • Check Point VPN Security Issues
  • Microsoft PPTP
  • VPN Services Countermeasures

Security for IPv6 Mobility

  • Mobile IPv6 Operation
  • MIPv6 Messages
  • Threats Linked to MIPv6
  • Using IPsec with MIPv6
  • Filtering for MIPv6
  • Mitigating ICMPv6 threats
  • Other IPv6 Mobility Protocols

IPV6 Security Audit & Control

  • Host- and Network-based Intrusion Detection
  • Firewalls and Honeypots
  • Vulnerability Scanners
  • Computer Security Policies
  • Password Managemen
  • Incident Handling
  • Information Warfare
  • Encryption
  • VPN's, PKI, and PGP
  • Common Vulnerabilities in Wireless IPSec/VPN Deployments
  • Firewall Test, Port Scan, Spy Ware and Security Audit
  • Find Security Holes

IPv6 Risk Assessment and Auditing

  • Host and Network Based Intrusion Detection
  • Honeypots, Firewalls and Perimeter Protection
  • Security Policy
  • Information Warfare
  • Web Security
  • Network Fundamentals and IP Concepts and Behavior
  • Cisco Router Filters
  • Four Primary Threats for Perimeter Protection
  • PGP, Steganography
  • Anti-Viral Tools
  • Windows (2000, XP, NT, 98) IPv6 Security Administration and Auditing
  • IIS Security
  • Unix IPv6 Security

Firewalls, Perimeter Protection, and VPNs

  • IPv6 Stimulus/Response and Fragmentation
  • Complex IP Transports and Services
  • TCPdump, WINdump, Ethereal and Other Sniffers
  • Static Packet Filtering
  • Stateful Packet Filtering and Inspection
  • Proxies
  • Popular IPv6 Firewall Products
  • Implementing Security with Cisco Routers
  • Intrusion Detection
  • Centralized Logging
  • Firewall Log File Analysis
  • Log File Alerting
  • IPSec, SSL, and SSH
  • Designing a Secure Perimeter
  • Network and Host Based Auditing

Securing Unix/Linux and Microsoft Platforms in IPv6 Networks

  • Network-Based Attacks
  • Memory Attacks, Buffer Overflows
  • File System Attacks, Race Conditions
  • Trojan Horse Programs and Rootkits
  • Monitoring and Alerting Tools
  • Network Security Tools
  • Policies and Operations
  • DMZ: DeMilitarized Zone in Networks
  • Layered Defenses of Network and Information Security

IPv6 Security Considerations

  • ICMPv6 Protocol Protection
  • Scanning in IPv6
  • IPv6 extension header threats
  • IPv6 router header abuse
  • IPv6 fragmentation threats
  • ICMPv6 threats
  • Neighbor discovery threats
  • ND threat examples
  • Cryptographically Generated Addresses (CGA)
  • SEcure Neighbor Discovery (SEND)
  • SEND and CGA
  • Hardening IPv6 Network Devices
  • Threats Against Network Devices
  • Disabling Unnecessary Network Services
  • IPv6 Device Management
  • Threats Against Interior Routing Protocol
  • First-Hop Redundancy Protocol Security
  • Controlling Resources
  • QoS Threats
  • Server and Host Security
  • IPv6 Host Security
  • IPsec and SSL VPNs
  • Implementing Dual-Stack Security
  • Hacking the Tunnels
  • Attacking NAT-PT
  • IPv6 Latent Threats Against IPv4 Networks
  • Security Monitoring
  • Managing and Monitoring IPv6 Networks
  • Managing IPv6 Tunnels
  • Forensics Techniques
  • Using Intrusion Detection and Prevention Systems
  • Managing the Security Configuration
  • Changing Security Perimeter
  • Creating an IPv6 Security Policy
  • Securing the Transition Mechanisms
  • Understanding IPv4-to-IPv6 Transition Techniques
  • Consolidated List of Tonex's Recommendations

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.