This workshop presents an update of the corresponding #TR13 session. We’ll provide an overview what – IPv6-wise – works & what doesn’t, on major commercial security products (firewalls, IPSs and others). This includes results from extensive lab testing as for the handling of extension headers and fragmentation (and practical examples of different policies to handle this stuff). Furthermore we’ll focus on the actual capabilities when it comes to filtering on the application/content layer, an area where appropriate IPv6 support was (and is?), well, a bit lacklustre.
Antonios Atlasis is an IT Security researcher with a special interest in IPv6 (in)securities. His work has been presented in several IT Security conferences and it has resulted in the discovery of various IPv6-related vulnerabilities. He is the author of Chiron, an IPv6 specialized and very flexible security assessment tool.
Christopher has been involved with IPv6 since 2005 and has performed a number of IPv6 planning, implementation and troubleshooting projects & tasks since then. He leads the network security team at ERNW.