For many years, one of the challenges in performing security assessments of IPv6 networks and implementations has been the lack of powerful and publicly-available tools to do so. On one hand, this has meant that in many (if not most) cases, implementations have not been properly assessed for robustness, and many bugs and vulnerabilities have remained unfixed. On the other hand, the lack of the aforementioned tools has prevented early adopters to perform appropriate security assessments of their IPv6 deployments. The SI6 IPv6 toolkit is one of the few portable IPv6 toolkits out there, which runs on operating systems ranging from Ubuntu Linux, to FreeBSD, OpenBSD or Mac OS X. It includes a range of tools ranging from packet crafting tools (Neighbor Discovery, TCP/IPv6, ICMPv6, etc.), to a full-fledged IPv6 address scanner (with features that are not available in the most popular and well-known network scanners), or an IPv6 address analysis tool (our addr6 tool). Fernando Gont will present each of the tools that comprise the SI6 IPv6 toolkit, and will briefly demonstrate the use of these tools to identify flaws in a number of IPv6 implementations, and to assess IPv6 networks. Finally, a new version of the toolkit will be released during this presentation, and the newly incorporated tools/features will be demonstrated to the audience.
Fernando Gont specializes in the field of communications protocols security, working for private and governmental organizations around the world.
Gont has worked on a number of projects for the UK National Infrastructure Security Co-ordination Centre (NISCC) and the UK Centre for the Protection of National Infrastructure (CPNI) in the field of communications protocols security. As part of his work for these organizations, he has written a series of documents with recommendations for network engineers and implementers of the TCP/IP protocol suite, and has performed the first thorough security assessment of the IPv6 protocol suite.
Gont is currently working as a security consultant and researcher for SI6 Networks. Additionally, he is a member of the Centro de Estudios de Informatica (CEDI) at Universidad Tecnológica Nacional/Facultad Regional Haedo (UTN/FRH) of Argentina, where he works in the field of Internet engineering. As part of his work, he is active in several working groups of the Internet Engineering Task Force (IETF), and has published more than twenty IETF RFCs (Request For Comments) and more than a dozen IETF Internet-Drafts.
Gont has also produced the SI6 Network's IPv6 Toolkit -- a portable and comprehensive security assessment and troubleshooting toolkit for the IPv6 protocol suite. Furthermore he has been a speaker at a number of conferences and technical meetings about information security, operating systems, and Internet engineering, including: CanSecWest 2005, FIRST Technical Colloquium 2005, Kernel Conference Australia 2009, HACK.LU 2011, DEEPSEC 2011, Hackito Ergo Sum 2012, Hack In Paris 2013, German IPv6 Kongress 2014, IPv6 Security Summit 2014, and H2HC 2014. Additionally, he is a regular attendee of the Internet Engineering Task Force (IETF) meetings.
More information about Fernando Gont is available at his personal web site.