June 20-22, 2017 | Donostia - San Sebastian


Hacking IPv6 Networks v4.0 - Fernando Gont

This course will provide the attendee with in-depth knowledge of IPv6 security, such that the attendee is able to evaluate and mitigate the security implications of IPv6 in production environments. The attendee will be given an in-depth explanation of each topic covered in this course, and will learn – through hands-on exercises – how each feature can be exploited for malicious purposes. Subsequently, the attendee will be presented with a number of alternatives to mitigate each of the identified vulnerabilities. During the course, the attendee will perform a large number of exercises in a network laboratory (with the assistance of the trainer), such that the concepts and techniques learned during this course are reinforced with hands-on exercises. A range of open source tools will be employed for all the practical exercises, such that the attendee becomes familiar with the tools arsenal that is typically employed for real-world IPv6 security assessments and penetration tests. The attendee will be required to perform a large number of IPv6 attacks, envision mitigation techniques for the corresponding vulnerabilities, and evaluate the aforementioned mitigation techniques with real-world attack tools.

Audience and prerequisites:
Network Engineers, Network Administrators, Security Administrators, Penetration Testers, and Security Professionals in general. Participants are required to have:

    • Good understanding of the IPv4 protocol suite (IPv4, ICMP, ARP, etc.)
    • Good understanding of network components (routers, firewalls, etc.)
    • Knowledge of basic UNIX/Linux shell commands
    • Knowledge of basic IPv4 troubleshooting tools, such as: ping, traceroute, and network protocol analyzers.
    • Basic knowledge of IPv6 is desirable, but not required.

Course duration, format and materials:
Three days, with up to 50% of course time devoted to practical sessions.

    • One course book (written by the trainer) that includes all the slides and exercises presented in the course.
    • A copy of the virtual lab employed for the training course.
    • A certificate of completion of the training course.

Other considerations:

    • Coffee breaks and lunch included
    • Training language: English [* Consultar por posibilidad en Español]
    • Training materials
    • Students need to bring their own laptop
    • Free admission to EuskalHack Security Congress (Two days Coffee breaks and lunch included)
    • Please note: Course will be cancelled if the minimum of 8 students do not enroll

About the trainer:
Fernando Gont is a world-renowned IPv6 expert, working on IPv6 consulting around the world:

    • He has written 30 IETF RFCs, many of which focus on IPv6.
    • He is actively involved in IPv6 standardization, with more than 10 active IETF Internet-Drafts.
    • Author of the SI6 Network’s IPv6 toolkit, the only portable and freely available toolkit for the IPv6 protocol suite.
    • He has been delivering consulting and training services worldwide for more than ten years.
    • More information about Fernando Gont is available at his web site: https://www.gont.com.ar.

Detailed training course agenda:

    1. Introduction to IPv6
    2. IPv6 Addressing Architecture
    3. IPv6 Header Fields
    4. IPv6 Extension Headers (EHs)
    5. IPsec
    6. Internet Control Message Protocol version 6 (ICMPv6)
    7. Neighbor Discovery for IPv6
    8. Stateless Address Auto-configuration (SLAAC)
    9. Dynamic Host Configuration Protocol version 6 (DHCPv6)
    10. Multicast Listener Discovery (MLD)
    11. Upper-Layer Attacks
    12. DNS Support for IPv6
    13. IPv6 Firewalls
    14. Security Implications of IPv6 forIPv4-only Networks
    15. Transition/Co-existence Technologies
    16. Network Reconnaissance in IPv6
    17. IPv6 Deployment Consideration