Security Blog

Your source for information security news and views.
Tags >> IPv6

For those that don't know, tomorrow is world IPv6 day. A day when over 400 corporation, government, and university websites will switch their networking over to IPv6 protocol for a 24 hour period. The changeover will signify the start of a new generation of internet protocol and hopefully give credit to the IPv6 system, which has been driven into the market since 1999. With the now imminent depletion of all existing available IPv4 addresses, IPv6 day aims to push the remaining non-conformers over to the new system and bring much more attention to it as a necessary protocol. Though this will be a landmark day due to its introduction of the largest wide scale implementation of IPv6 to date, it could also be D-Day for the largest wide scale implementation of DDoS attacks. 

Though the trial changeover will only last from 8:00p.m. tonight  until 7:59p.m. tomorrow night, there is still the possibility for some major issues. One of the most probable being DDoS attacks. These attacks rely on jamming up network routers and devices with overwhelming amounts of traffic and thus causing the network to crash and deny all remaining requests. Since IPv6 header packets are four times the size of IPv4 header packets, they take four times as long to process by routers. In a digital world this takes only nanoseconds but multiply this by thousands of requests a minute or even per second combined with the increased processing time it takes to handle a larger IPv6 header and the system can potentially jam up very quickly.

Many large corporate websites on the IPv6 trial list, such as Google, Facebook, and Juniper, have seen their fair share of attempted attacks in the past. This vulnerable new system still in its infancy could be the perfect opportunity for hackers to finally break through to the information they want.

One advantage to being on this list of the 400 is that these corporations have done their homework on IPv6 and their systems have been built to handle this protocol. Another attack vector comes with those companies who have yet to make the switch to a dual stack implementation of their packet inspection network systems to handle both IPv4 and IPv6 traffic. These companies will be accepting uninspected IPv6 traffic through their devices thus holding the potential for a broad array of network attacks.

This trial period will be a major learning experience for all IPv6 amateurs. If your corporation has plans to implement increased network security, today would be the day to do so.  Be prepared to hear more about this all across the cyber world as the day goes on.


Topics