vincent van der eijk erik lamers comparing ipv4 port
play

Vincent van der Eijk && Erik Lamers Comparing IPv4 port - PowerPoint PPT Presentation

Jul 14, 2023 •103 likes •279 views

A Comparative Security Evaluation for IPv4 and IPv6 Addresses Vincent van der Eijk && Erik Lamers Comparing IPv4 port security to IPv6 port security Scanning the Internet for profit, ethically. 2 Why do we need to know this? IPv6

  1. A Comparative Security Evaluation for IPv4 and IPv6 Addresses Vincent van der Eijk && Erik Lamers

  2. Comparing IPv4 port security to IPv6 port security Scanning the Internet for profit, ethically. 2

  3. Why do we need to know this? IPv6 adoption is growing: ● More exposed hosts? ● More exposed ports every day? Until recently scanning the IPv6 address space was considered unfeasible. 3

  4. Research Question Has the state of IPv6 port based security compared to IPv4 port based security shifted over the last four years? 4

  5. Is IPv6 port security that different? Previous work has shown that misconfigurations when enabling IPv6 are common. This can leave (IPv6) ports exposed to the Internet. 5

  6. Related work (1) Czyz et al. (2016), have shown that IPv6 port security is leaking compared to IPv4. Borgolte et al. (2018), have shown that enumerating IPv6 addresses using DNSSEC is possible, and found similar security issues. 6

  7. Related work (2) Durumeric et al. (2013), developed ZMap a Internet wide scanning tool. 7

  8. Ports to probe ● In total: 19 TCP and 4 UDP ports Some examples: ● Basic protocols: FTP, HTTP, SSH ● DB protocols: MongoDB, MSSQL, MySQL ● Outdated protocols: SNMPv1, Telnet 8

  9. Host definition ● Only dual-stack hosts ● A host must be reachable via ICMP echo request either on IPv4 or IPv6 9

  10. Methodology 1. Datasets (Rapid7, Alexa, IPv6 hitlist) 2. ICMP scan 3. Scan reachable hosts for responding services 4. Banner grab responsive TCP protocols 10

  11. Lab setup ● Two servers running Ubuntu 18.04; ○ 8 vCPUs, 16 GB Mem ● 1 GB uplink / Server NIC 200K pps cap. ● ZMap and ZGrab(2) scanning tools 11

  12. Then we scanned the Internet … or at least a part of it. 12

  13. Results (1) Top (blue): IPv4 Bottom (orange): IPv6

  14. Results (2) Banner-grab Average response: 85% 14

  15. Conclusions According to our findings a higher percentage of IPv4 ports are exposed to the Internet than IPv6 ports are. Has the trend really shifted in the past four years towards IPv6 security? 15

  16. Key findings ● IPv4 is still the dominant protocol ● 4 times more open ports over IPv4 than IPv6 ● Is there a shift in port security? 16

Recommend

Analysis of Cobalt Strike network traffic obfuscation in C2 communication Vincent van der Eijk

Analysis of Cobalt Strike network traffic obfuscation in C2 communication Vincent van der Eijk

Analysis of Cobalt Strike network traffic obfuscation in C2 communication Vincent van der Eijk & Coen Schuijt University of Amsterdam vincent.vandereijk@os3.nl, coen.schuijt@os3.nl July 3, 2020 Vincent van der Eijk & Coen Schuijt (OS3)

438 views • 25 slides
Comparing IPv4 and IPv6 from the perspec7ve of BGP dynamic

Comparing IPv4 and IPv6 from the perspec7ve of BGP dynamic

Comparing IPv4 and IPv6 from the perspec7ve of BGP dynamic ac7vity Geoff Huston APNIC February 2012 The IPv4 Table: 2004 - now The IPv6

770 views • 47 slides
Measuring disagreement in science Dakota Murray, Wout Lamers, Kevin Boyack, Vincent Larivire,

Measuring disagreement in science Dakota Murray, Wout Lamers, Kevin Boyack, Vincent Larivire,

Slides at: https://... @dakotasmurray Measuring disagreement in science Dakota Murray, Wout Lamers, Kevin Boyack, Vincent Larivire, Cassidy R. Sugimoto, Nees Jan van Eck, Ludo Waltman SciTech Strategies Disagreement in science

1.34k views • 123 slides
Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with

Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with

Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with WPA3 personal Making Wi-Fi great again With security this time, right? Securing home Wi-Fi with WPA3 personal - July 3 rd 2020 2 Why is WPA3

853 views • 28 slides
The Redevelopment of a Boutique Office With No Operational Carbon (87-91 St Vincent St, Port

The Redevelopment of a Boutique Office With No Operational Carbon (87-91 St Vincent St, Port

Together we create change in the world The Redevelopment of a Boutique Office With No Operational Carbon (87-91 St Vincent St, Port Adelaide) Agenda 1. Project Overview 2. Building Innovation & Green Building Fund 3. Project Eligibility

363 views • 20 slides
IPv6 Avanzado Introduccin Toms Lynch LACNOG WHERE ARE WE? IPv4 Yes, the IPv4 pool

IPv6 Avanzado Introduccin Toms Lynch LACNOG WHERE ARE WE? IPv4 Yes, the IPv4 pool

IPv6 Avanzado Introduccin Toms Lynch LACNOG WHERE ARE WE? IPv4 Yes, the IPv4 pool IPv4 with NAT/Tunnels But we can use IPv4 and NAT or Tunnels!!! Yeah, right IPv6 IPv6 Readiness Laptops, pads, mobile phones, dongles,

477 views • 19 slides
Secure Key Generation from Biased PUFs Roel Maes, Vincent van der Leest, Erik van der Sluis

Secure Key Generation from Biased PUFs Roel Maes, Vincent van der Leest, Erik van der Sluis

Secure Key Generation from Biased PUFs Roel Maes, Vincent van der Leest, Erik van der Sluis (Intrinsic-ID) Frans Willems (TU Eindhoven) Introduction PUF-based key generation Key Response Key PUF Generation Helper Data Noisy Key Key

496 views • 16 slides
Initial estimate of sediment toxicants beyond estuary mouths in Western Port Vincent Pettigrove,

Initial estimate of sediment toxicants beyond estuary mouths in Western Port Vincent Pettigrove,

Initial estimate of sediment toxicants beyond estuary mouths in Western Port Vincent Pettigrove, Simon Sharp & Jackie Myers Centre for Aquatic Pollution Identification and Management (CAPIM) Toxicants in sediments: a screening study Key

903 views • 36 slides
IPv6 Presentation Template (Make this title your own!) Whats happening with IPv4? IPv4

IPv6 Presentation Template (Make this title your own!) Whats happening with IPv4? IPv4

IPv6 Presentation Template (Make this title your own!) Whats happening with IPv4? IPv4 exhaustion (link to RIRs and highlight relevant trends for your region) Regional Internet Authorities are in various phases of IPv4 exhaustion

486 views • 13 slides
Is there available IPv4 space in the LAC region? Sergio Rojas sergio@lacnic.net IPv4 IPv4

Is there available IPv4 space in the LAC region? Sergio Rojas sergio@lacnic.net IPv4 IPv4

Is there available IPv4 space in the LAC region? Sergio Rojas sergio@lacnic.net IPv4 IPv4 space 4.294.967.296 IP addresses (not all of them are usable) It seems a lot of space, right? But the world population is almost 7 billion

201 views • 16 slides
IPv4 Pricing and Transfer Update Sandra Brown IPv4 Market Group January 19, 2016 IPv4 Life

IPv4 Pricing and Transfer Update Sandra Brown IPv4 Market Group January 19, 2016 IPv4 Life

IPv4 Pricing and Transfer Update Sandra Brown IPv4 Market Group January 19, 2016 IPv4 Life Cycle Events ARIN Runout RIPE Inter-RIR Transfers /8s come to market IPv6 Adoption 2 Factors Affecting Pricing # OF IP TRANSFERS

223 views • 8 slides
IPv4 Exhaus,on And IPv6 Deployment Carlos Mar)nez @Sint-Maarten Internet Week IPv4 There

IPv4 Exhaus,on And IPv6 Deployment Carlos Mar)nez @Sint-Maarten Internet Week IPv4 There

IPv4 Exhaus,on And IPv6 Deployment Carlos Mar)nez @Sint-Maarten Internet Week IPv4 There are 4,294,967,296 IPv4 addresses (32 bits long) but not all of them can be used Looks like a lot, right? But... World popula)on currently stands

501 views • 27 slides
Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4

Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4

Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4 addresses have 32 bits only not enough for 1 IP address per person dynamic IPs, NAT, Manual configuration time consuming (in larger

655 views • 16 slides
SIIT-DC: IPv4 Service Contjnuity for IPv6 Data Centres Tore Anderson Redpill Linpro AS UKNOF36,

SIIT-DC: IPv4 Service Contjnuity for IPv6 Data Centres Tore Anderson Redpill Linpro AS UKNOF36,

SIIT-DC: IPv4 Service Contjnuity for IPv6 Data Centres Tore Anderson Redpill Linpro AS UKNOF36, London, January 2017 Incremental IPv6 deployment in DC IPv4-only IPv4-only + IPv6 via NAT/proxy/etc Dual-stacked public frontend, IPv4 BE Full

550 views • 15 slides
Ethernet Port Evolution Joel Halpern Joel.halpern@ericsson.com First though An Input Ethernet

Ethernet Port Evolution Joel Halpern Joel.halpern@ericsson.com First though An Input Ethernet

Ethernet Port Evolution Joel Halpern Joel.halpern@ericsson.com First though An Input Ethernet Port and and Output Ethernet Input PortPort IPv4 and IPv6 Information Ethernet Port VLAN Information Put all the interface information in

374 views • 6 slides
Exhaustion of IPv4 Address in 2010 Exhaustion of IPv4 Address in 2010 Associate Professor Dr.

Exhaustion of IPv4 Address in 2010 Exhaustion of IPv4 Address in 2010 Associate Professor Dr.

802.16 IP Telephony Lab Exhaustion of IPv4 Address in 2010 Exhaustion of IPv4 Address in 2010 Associate Professor Dr. Quincy Wu solomon@ipv6.club.tw Graduate Institute of Communication Engineering National Chi Nan University 1 1

943 views • 77 slides
ebXML for Implementers OASIS Symposium, San Francisco 2006 Pim van der Eijk Agenda

ebXML for Implementers OASIS Symposium, San Francisco 2006 Pim van der Eijk Agenda

ebXML for Implementers OASIS Symposium, San Francisco 2006 Pim van der Eijk Agenda Introductions B2B Integration Reference Models ebXML initiative and history B2B architecture patterns and ebXML ebXML Specifications

763 views • 47 slides
IPv6 @ Navneet Nagori Network Engineering Why IPv6 IPv4 exhaustion Cost - Buying

IPv6 @ Navneet Nagori Network Engineering Why IPv6 IPv4 exhaustion Cost - Buying

IPv6 @ Navneet Nagori Network Engineering Why IPv6 IPv4 exhaustion Cost - Buying address costly , Provider supported NAT, Abuse Identification, Port exhaustion, User share address New Devices IPTV, Mobile Network, home

528 views • 21 slides
A New Port A New Economy Agenda The Port Today; The Future Port; Port of Cork and Energy.

A New Port A New Economy Agenda The Port Today; The Future Port; Port of Cork and Energy.

Blue Growth at Work A New Port A New Economy Agenda The Port Today; The Future Port; Port of Cork and Energy. Statio Bene Fide Carinis A Safe Harbour for Ships Port of Cork Company Cork Harbour Commissioners 1814 Public

579 views • 22 slides
Post IPv4 completion Making IPv6 deployable incrementally by making it backward compatible

Post IPv4 completion Making IPv6 deployable incrementally by making it backward compatible

Post IPv4 completion Making IPv6 deployable incrementally by making it backward compatible with IPv4. Alain Durand The Internet must support continued, un-interrupted growth regardless of IPv4 address availability DISCLAIMER:

614 views • 17 slides
Technology for privacy: protecting against online tracking and profiling Rob van Eijk PhD

Technology for privacy: protecting against online tracking and profiling Rob van Eijk PhD

Technology for privacy: protecting against online tracking and profiling Rob van Eijk PhD Candidate, Leiden University CPDP 2018, Petite Halle 24-01-2018 | 08h45-10h00 Leiden University Elaw - Centre for Law and Digital Technologies, Leiden

195 views • 15 slides
Older People across two European countries Dr Barry Evans Dr Rachel Cowan Dr Monica van Eijk (on

Older People across two European countries Dr Barry Evans Dr Rachel Cowan Dr Monica van Eijk (on

Building an Educational Exchange in Medicine of Older People across two European countries Dr Barry Evans Dr Rachel Cowan Dr Monica van Eijk (on behalf of Anouk Kabboord) University of Nottingham, United Kingdom Leiden University Medical

442 views • 33 slides
Vincent Payment Solutions Table of Contents What is Vincent? Getting Started User

Vincent Payment Solutions Table of Contents What is Vincent? Getting Started User

Vincent Payment Solutions Table of Contents What is Vincent? Getting Started User Roles Departments, Groups Cards Transactions Introducing Vincent Vincent is the next generation of software first created in 2007 as a

295 views • 11 slides
Two Problems 1. Global IPv4 address depletion 2. Private IPv4 address depletion depletion

Two Problems 1. Global IPv4 address depletion 2. Private IPv4 address depletion depletion

Two Problems 1. Global IPv4 address depletion 2. Private IPv4 address depletion depletion a.k.a. completion Scenarios Focus work on most significant, and most solvable, scenarios Solving every possible design iteration is

428 views • 9 slides

More recommend