General whitepaper links
- Sean Convery has some good information on his site here. You can find a IPv6 security page there from 2004 and although some of the links are dead the page still contains useful information and pointers.
- The Security Expert Initiative Project (SEINIT) homepage.
- The IPv6 publications database [DEAD LINK: http://www.6journal.org/] at the University of Southampton has some good links on IPv6 security and IPv6 in general.
- Franjo Majstor has been presenting on IPv6 security and keeps copies of his presentations on his homepage.
Specific whitepapers by date
- “IPv6 Extension Headers: New Features, and New Attack Vectors” by Antonios Atlasis at Troopers13 (March 2013)
- “Design & Configuration of IPv6 Segments with High Security Requirements” by Enno Rey at Troopers13 (March 2013)
- “Fragmentation Overlapping Attacks Against IPv6: One Year Later” by Antonios Atlasis at Troopers13 (March 2013)
- “Securing IPv6 in the Cisco Space” by Christopher Werny at Troopers13 (March 2013)
- “IPv6 Infrastructure Security” by Jeff Carrell at the 2013 North America IPv6 Summit (April 2013).
- “IPv6 Attacks and Countermeasures” by James Small at the 2013 North America IPv6 Summit (April 2013).
- “IPV6 Security – Threats and countermeasures” by Wardner Maia at MUM (March 2012)
- “Deploying IPv6 Secure Neighbor Discovery (SeND) in the Enterprise Today” by Jeremy Duncan at the 2012 North America IPv6 Summit (April 2012).
- “Security challenges in IPv6 from the campus perspective” by Tomas Podermanski at NORDUnet conference (September 2012).
- “What does IPv6 mean to your site security ?” by Tim Chown, University of Southampton as a part of Networkshop 39 (April 2011)
- “Guideline for the Secure Deployment of IPv6” by Sheila Frankel at the 2012 North America IPv6 Summit (April 2011).
- “IPv6 myths: Debunking misconceptions regarding IPv6 security features” by Fernando Gont for SearchSecurity.com (May 2011)
- “IPv6 security issues: IPv6 transition mechanisms” by Fernando Gont for SearchSecurity.com (June 2011)
- “Requirements for secure IPv6 deployments include better IPv6 tester tools” by Fernando Gont for SearchSecurity.com (July 2011)
- “IPv6 Security” is an article by 6DEPLOY (February 2010)
- “IPv6 and security” by Merike Kaeo as a part of ICT Spring Europe (March 2010) [DEAD LINK: http://www.ictspring.com/pdf/gf-d1-1115-merike-kaeo.pdf].
- “IPv6 security models and dual stack (IPv6/IPv4) implications” by Karl Mayer and Wolfgang Fritsche in a report from iABG (July 2010)
- “Who Cares About IPv6?” by Sam Bowne at Defcon 18 (July 2010).
- “IPv6 Security” by Earl Carter as a part of the Texas IPv6 Task Force Summit (October 2010)
- “Exploiting Tomorrow’s Internet Today Penetration Testing with IPv6” by H D Moore in Uninformed Volume 10 (October 2010)
- “IPv6 Deployments Is Security An Afterthought (again)?” by Merike Kaeo as a part of RIPE61 (November 2010)
- “Guidelines for the Secure Deployment of IPv6” by S. Frankel, R. Graveman, J. Pearce and M. Rooks published by NIST as Special Publication 800-119 (December 2010)
- “IPv6 Security: An Enterprise Perspective” by Scott Hogg as a part of the Rocky Mountain IPv6 Summit (April 2008) [DEAD LINK: http://www.rmv6tf.org/2008-IPv6-Summit-Presentations/Scott%20Hogg%20-%20IPv6%20Security-2008-04-09.pdf].
- “ IPv6 Routing Header Security” Philippe Biondi and Arnaud Ebalard as a part of CanSecWest 2007 (April 2007).
- “IPv6 Security Considerations and Recommendations” is a Microsoft TechNet article by Joe Davies (February 2006).
- “IPv6 Security Technology Paper” by Merike Kaeo (July 2006) [DEAD LINK: http://www.nav6tf.org/documents/nav6tf.security_report.pdf].
- “IPv6 Network Architecture IPv6 Network Architecture Protection (NAP)” by Victoria Fineberg (July 2006) [DEAD LINK: http://www.nav6tf.org/documents/nav6tf.ipv6_nat_vf_20060710.pdf].
- “Covert Channels using IPv6/ICMPv6” by R.P Murphy at DEFCON 14 (August 2006)
- ” IPv6: Under the Hood” by Mark Dowd as a part of RUXCON 2006 (September 2006) [DEAD LINK: http://www.ruxcon.org.au/files/2006/dowd_ipv6.ppt].
- “Firewall Design Center and Architecture Requirements IPv6” by Jim Bound (October 2006) [DEAD LINK: http://www.nav6tf.org/documents/nav6tf.technical_report.firewall.pdf].
- “Scapy and IPv6 networking” by Philippe BIONDI and Arnaud EBALARD as a part of HITB 2006 (October 2006).
- “Attacking the IPv6 Protocol Suite” by THC (October 2006)
- “IPv6 Security Issues” by Samuel Sotillo (2006) [DEAD LINK: http://www.infosecwriters.com/text_resources/pdf/IPv6_SSotillo.pdf].
- “IPv6 Network Architecture Protection (NAP)” Victoria Fineberg DISA, Office of the CTO [DEAD LINK: http://www.nav6tf.org/documents/nav6tf.ipv6_nat_vf_20060710.pdf]
- “IPv6 cookbook for routing, DNS, intra-domain multicast, inter-domain multicast, and security, 2nd Version” is one of the deliverables by the 6NET project and Chapter 7 deals specifically with security. The editor for this was Kurt Bauer (January 2005).
- “Secure IPv6 Operation- Lessons learned from 6NET, 3rd Version” is one of the deliverables by the 6NET. The editor for this was G. Koutepas (January 2005).
- “Security Best Practices for Service Providers” talk given by Chuck Sellers at the NAv6TF/ARIN XV IPv6 Conference (April 2005) [DEAD LINK: http://www.nav6tf.org/documents/arin-nav6tf-apr05/4.ISP_security_best_practices_CS.pdf].
- “IPv6 Security and Security Update” talk given by John Spence at the NAv6TF/ARIN XV IPv6 Conference (April 2005) [DEAD LINK: http://www.nav6tf.org/documents/arin-nav6tf-apr05/6.IPv6_Security_Update_JS.pdf].
- “Mitigating Security Risks in IPv6 Networks” by Merike Kaeo (April 2005) [DEAD LINK: http://www.seinit.org/documents/Pdfs/IPv6-security-DSS.pdf].
- “Implementing Security for IPv6” from Cisco (May 2005) [DEAD LINK: http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv6_c/sa_secv6.htm].
- “IPv6 Security: Threats and solutions” talk given by Janos Mohacsi at the 3rd 6NET Workshop (May 2005).
- “Introduction to IPv6 Security” talk given by Brian McGehee at the Coalition Summit for IPv6 in Reston, Virginia (May 2006) [DEAD LINK: http://usipv6.unixprogram.com/North_American_IPv6_Summit_2004/052005/mon/Brian_McGehee_IntrIPv6Secur.pdf].
- “Security Aspects of IPv6” talk given by Brian McGehee at the Coalition Summit for IPv6 in Reston, Virginia (May 2006) [DEAD LINK: http://usipv6.unixprogram.com/North_American_IPv6_Summit_2004/052005/mon/Brian_McGehee_SecAspectIPv6.pdf].
- “Security for Network Centric Operations” by Richard Graveman at the Coalition Summit for IPv6 in Reston, Virginia (May 2006) [DEAD LINK: http://usipv6.unixprogram.com/North_American_IPv6_Summit_2004/052005/mon/Richard_Graveman.pdf].
- “IP Version 6 Migration” by Ryan J. Determan at the Coalition Summit for IPv6 in Reston, Virginia (May 2006) [DEAD LINK: http://usipv6.unixprogram.com/North_American_IPv6_Summit_2004/052005/mon/Ryan_Determan_IPv6Migration.pdf].
- “Threats to Communication” by Steven M. Bellovin at the Coalition Summit for IPv6 in Reston, Virginia (May 2006) [DEAD LINK: http://usipv6.unixprogram.com/North_American_IPv6_Summit_2004/052005/mon/Steve_Bellovin_ThreatToComm.pdf].
- “Rethinking Security” (Caution: large download @130Mb) talk given by Varo Vives and Jordi Palet at the IPv6 Summit in Barcelona (June 2005).
- “IPv6 Intrusion Detection Systems: A call to arms” (Caution: large download @130Mb) talk given by Tim Chown and Troy Lancaster at the IPv6 Summit in Barcelona (June 2005).
- “Network Architecture Protection” (Caution: large download @130Mb) talk given by Gunter Van de Velde at the IPv6 Summit in Barcelona (June 2005).
- “IPv6 Security” Janos Mohacsi, NIIF/HUNGARNET at the Southern Africa IPv6 Training Workshop (September 2005)
- “Recycling IPv4 Recycling IPv4 attacks in IPv6” by Francisco Jesús Monserrat Coll at the “Jornadas de Seguridad” (October 2005) [DEAD LINK: http://www.arcert.gov.ar/tc/presentaciones/martes/ReciclandoAtaquesIP-IRIS-CERT.pdf].
- “Security issues with IPv6 deployment” Tony Hain, Senior Technical Leader, IPv6 Technologies, Cisco Systems at the First Australian IPv6 Summit (November 2005)
- “IPv6 security issues – Thinking outside the NAT box” by Tony Hain – Cisco Systems (December 2005) [DEAD LINK: http://www.afrinic.net/meeting/afrinic-3/presentations/afrinic3-13-12-2005/tony.pdf].
- “IPv6 and IPv4 Threat Comparison and Best- Practice Evaluation (v1.0)” by D. Miller, S. Convery (March 2004) [DEAD LINK: http://www.cisco.com/security_services/ciag/documents/v6-v4-threats.pdf].
- “IP version 6 security considerations” talk given at CanSecWest 2004 by Jun-ichiro “itojun” Hagino. Look for the “csw04-Itojun.ps” document in the conference archives. (April 2004).
- “IPv6- IPv4 Threat Comparison v1.0” talk by D. Miller, S. Convery at NANOG31 (May 2004).
- “Sending IPv6 packets to check firewall rules” by Laurent Constantin (May 2004).
- “Security of IPv6: from a firewalls point of view” (The paper of the extended abstract of this talk can be found here) given by Janos Mohacsi at the TERENA Networking Conference (June 2004).
- “IPv6 Security Threats” talk given by S. Convery, D. Miller at Networkers 2004 (June 2004).
- “D1.2 Assessment of threats and vulnerabilities in networks” by SEINIT (August 2004) [DEAD LINK: http://www.seinit.org/documents/Deliverables/SEINIT_D1.2_PU.pdf].
- “The challenges of filtering IPv6 packets” talk given by Andy Chien at IPv6 Tech 2004 (August 2004) [DEAD LINK: http://rd.ipv6.org.tw/2004seminar/document/PG-Security-IPv6.pdf].
- “IPv6 Security Considerations” by Mohammad Heidari on (September 2004) [DEAD LINK: http://www.infosecwriters.com/texts.php?op=display&id=226].
- “IPv6 Security” talk by Mat Ford, BT Exact, UK given at the UK IPv6 Deployment Conference (September 2004) [DEAD LINK: http://www.uk.ipv6tf.org/events/manchester.html#slides].
- “IPv6 Dual Stack Security Considerations” by D. Miller, S. Convery (October 2004).
- “IPv6 Security Issues” by Georgios Koutepas (October 2004) [DEAD LINK: http://to.grnet.gr/content/modules/calendar/IPv6_security_en.ppt].
- “IPv6 Capable Security Assessment IPv6 Capable Security Assessment / Penetration Testing Tools” by Gene Cronk (November 2004) [DEAD LINK: http://www.hacksonville.org/presos/ipv6_attack_tools.pdf].
- “Fast Worm Propagation in IPv6 Networks” by Jing Yang at the Malware Seminar Spring (November 2004).
- “Cisco IOS IPv6 Access Control Lists” by Patrick Grossetete (April 2003) [DEAD LINK: http://www.cisco.com/warp/public/732/Tech/ipv6/docs/ipv6_acls0403.ppt].
- “Intrusion Detection and IPv6” by Arrigo Triulzi (April 2003) [DEAD LINK: http://www.unob.cz/spi/ostatni/2003/Invited/Triulzi.pps].
- “IPv6 Security” talk by Eric Marin at the 6NET 2003 Workshop (May 2003).
- “IPv6 Security Considerations” by Patrick Grossetete and Dennis Vogel (June 2003).
- “Security Implications of IPv6” (The paper can be found on the ISS website here) talk given at BlackHat Federal by Michael H. Warfield of ISS (July 2003).
- “Cryptographically Generated Addresses (CGA)” by Tuomas Aura at Microsoft Research (October 2003).
- “Does IPv6 protocol solve all security problems of IPv4?” talk by Franjo Majstor at Information Security Solutions Europe (October 2003).
- “IP version 6 security considerations” talk given at pacsec-jp by Jun-ichiro “itojun” Hagino (November 2003).
- “IPv6 Security Challenges” by Herve Schauer (November 2003).
- “A Case Study on experimental IPv6 IDS” talk given at HITB by Pandir Harris and Raja Azlina Raja Mahmood (December 2003) [DEAD LINK: http://conference.hackinthebox.org/materials/HITBSecConf2003/scan_assoc/pokleyzz_and_pandir_harris.zip].
- “IPv6 and New Security Paradigm” by Yasuki Saito (NTT Communications) (December. 2003).
- “Securing Group Management in IPv6 with CGA” by Claude Castelluccia and Gabriel Montenegro (February 2002).
- “Building an IPv6 Firewall with OpenBSD” by Eric Millican (March 2002).
- “Extension of a network scanning tool with IPv6 features (Nmap)” by Sebastien Peterson (June 2002).
- “Securing IPv6 neighbor discovery and router discovery” by Tuomas Aura at Microsoft Research (September 2002).
- “Internet Protocol version 6 security” by Carol Hiltpold and Robert Johnson (September 2002).
- “IPv6 and Security” by Kostya Kortchinsky (October 2002) [DEAD LINK: http://aristote1.aristote.asso.fr/Presentations/IPv6-2002/P/Kostya/Kostya.pdf].
- “IPv6 Security” talk given by Franjo Majstor at the RSA Conference 2002 (October 2002).
- “IP Next Generation” talk given at DEFCON IX by Brenno J.S.A.A.F. de Winter (July 2001) .
- “Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host” by Peter M. Gleitz and Steven M. Bellovin at the Proceedings of the Eleventh Usenix Security Symposium (August 2001).
- “NAT, firewalls and IPv6” talk given at the ITXC Conference, Seattle by Christian Huitema (October 2001).
- “Security Issues in IPv6” talk given by Ken Renard [DEAD LINK: http://www.wareonearth.com/whitepapers/IPv6SecurityIssues.pps].