It is about to happen: the long promised upgrade from IPv4 to IPv6 is on our doorstep. The initial reason for this change of the Internet’s layer 3 protocols was to head off the projected 2010-2012 depletion of IPv4 reported back in 1994. As a stop-gap method until IPv6 was fully deployed, the Internet Engineering Task Force (IETF) chose to implement many standards which were intended to first extend the life of the address space and second help the transition to native IPv6-only networks. In addition, the IETF decided to reengineer the protocol, adding many features which will make Internet communications easier, more robust, flexible, agile, lighter weight and secure. But within these decisions lay unintended consequences to security.
This presentation will discuss the deeper justification of moving to native IPv6, decisions along the way which made IPv4 more difficult to secure, the impact of transition protocols to connect the “Islands of IPv6 across seas of IPv4″/”Islands of IPv4 across seas of IPv6”, failure by the security and IT vendors provide parity with IPv4/IPv6 tools which leave network vulnerable, and local network fails built into the protocol. Finally, the vast majority of security professionals and hackers assume that IPv6 is just like IPv4, it is not, therefore we will discuss how to connect, operate, penetrate and secure IPv6 enabled systems.