As new technology is imagined, designed, implemented, deployed and maintained, there is a time when security begins to have importance. With most technologies, security is an add-on, inserted during the maintenance cycle, there for leaving a gap for attackers to exploit this gape in the process. Even technologies with built in security, has suffered, due to a lack of understanding of that technology or importance of security.
IPv6 is no exception, by default; IPv6 has been ‘accidentally’ implemented in the majority of modern operating systems and appliances. Below is a history of device deployments:
Date Products1996
- OpenBSD / NetBSD / FreeBSD
- Linux 2.1.6 Kernel
1997
- AIX 4.2
2000
- Window 95/98/ME/NT 3.5/NT 4.0
- Microsoft 2000
- Solaris 2.8
2001
- Cisco IOS (12.x and Later)
2002
- Juniper (5.1 and Later)
- IBM z/OS
- Apple OS/10.3
- Microsoft XP
- Linux 2.4 Kernel
- AIX 6
- IBM AS/400
2006
- Linksys Routers (WRT54G - Mindspring)
- Cell Phone - Microsoft CE 5.0 or greater
- Solaris 2.10
- Linux 2.6 Kernel
2007
- Apple Airport Extreme
- Cell Phone – BlackBerry
- Microsoft Vista
- HP-UX 11iv2
- Open VMS
- Macintosh OS/X Leopard
This blog, IPv6Sec, is dedicated to answering the question:
- What it will take to make both IPv6 and other technologies, secure by design?
- How are the there for reducing the 0-day exposure of this and other technology?
- How can IPv6 and other technology be exploited, and what can be done to mitigate the exploit?
- Or anything else that is IPv6 or Security
