vincent van der eijk erik lamers comparing ipv4 port
play

Vincent van der Eijk && Erik Lamers Comparing IPv4 port - PowerPoint PPT Presentation

Jul 14, 2023 •103 likes •279 views

A Comparative Security Evaluation for IPv4 and IPv6 Addresses Vincent van der Eijk && Erik Lamers Comparing IPv4 port security to IPv6 port security Scanning the Internet for profit, ethically. 2 Why do we need to know this? IPv6

  1. A Comparative Security Evaluation for IPv4 and IPv6 Addresses Vincent van der Eijk && Erik Lamers

  2. Comparing IPv4 port security to IPv6 port security Scanning the Internet for profit, ethically. 2

  3. Why do we need to know this? IPv6 adoption is growing: ● More exposed hosts? ● More exposed ports every day? Until recently scanning the IPv6 address space was considered unfeasible. 3

  4. Research Question Has the state of IPv6 port based security compared to IPv4 port based security shifted over the last four years? 4

  5. Is IPv6 port security that different? Previous work has shown that misconfigurations when enabling IPv6 are common. This can leave (IPv6) ports exposed to the Internet. 5

  6. Related work (1) Czyz et al. (2016), have shown that IPv6 port security is leaking compared to IPv4. Borgolte et al. (2018), have shown that enumerating IPv6 addresses using DNSSEC is possible, and found similar security issues. 6

  7. Related work (2) Durumeric et al. (2013), developed ZMap a Internet wide scanning tool. 7

  8. Ports to probe ● In total: 19 TCP and 4 UDP ports Some examples: ● Basic protocols: FTP, HTTP, SSH ● DB protocols: MongoDB, MSSQL, MySQL ● Outdated protocols: SNMPv1, Telnet 8

  9. Host definition ● Only dual-stack hosts ● A host must be reachable via ICMP echo request either on IPv4 or IPv6 9

  10. Methodology 1. Datasets (Rapid7, Alexa, IPv6 hitlist) 2. ICMP scan 3. Scan reachable hosts for responding services 4. Banner grab responsive TCP protocols 10

  11. Lab setup ● Two servers running Ubuntu 18.04; ○ 8 vCPUs, 16 GB Mem ● 1 GB uplink / Server NIC 200K pps cap. ● ZMap and ZGrab(2) scanning tools 11

  12. Then we scanned the Internet … or at least a part of it. 12

  13. Results (1) Top (blue): IPv4 Bottom (orange): IPv6

  14. Results (2) Banner-grab Average response: 85% 14

  15. Conclusions According to our findings a higher percentage of IPv4 ports are exposed to the Internet than IPv6 ports are. Has the trend really shifted in the past four years towards IPv6 security? 15

  16. Key findings ● IPv4 is still the dominant protocol ● 4 times more open ports over IPv4 than IPv6 ● Is there a shift in port security? 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Analysis of Cobalt Strike network traffic obfuscation in C2 communication Vincent van der Eijk

Analysis of Cobalt Strike network traffic obfuscation in C2 communication Vincent van der Eijk

Analysis of Cobalt Strike network traffic obfuscation in C2 communication Vincent van der Eijk & Coen Schuijt University of Amsterdam vincent.vandereijk@os3.nl, coen.schuijt@os3.nl July 3, 2020 Vincent van der Eijk & Coen Schuijt (OS3)

438 views • 25 slides
Comparing IPv4 and IPv6 from the perspec7ve of BGP dynamic

Comparing IPv4 and IPv6 from the perspec7ve of BGP dynamic

Comparing IPv4 and IPv6 from the perspec7ve of BGP dynamic ac7vity Geoff Huston APNIC February 2012 The IPv4 Table: 2004 - now The IPv6

770 views • 47 slides
Measuring disagreement in science Dakota Murray, Wout Lamers, Kevin Boyack, Vincent Larivire,

Measuring disagreement in science Dakota Murray, Wout Lamers, Kevin Boyack, Vincent Larivire,

Slides at: https://... @dakotasmurray Measuring disagreement in science Dakota Murray, Wout Lamers, Kevin Boyack, Vincent Larivire, Cassidy R. Sugimoto, Nees Jan van Eck, Ludo Waltman SciTech Strategies Disagreement in science

1.34k views • 123 slides
Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with

Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with

Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with WPA3 personal Making Wi-Fi great again With security this time, right? Securing home Wi-Fi with WPA3 personal - July 3 rd 2020 2 Why is WPA3

853 views • 28 slides
The Redevelopment of a Boutique Office With No Operational Carbon (87-91 St Vincent St, Port

The Redevelopment of a Boutique Office With No Operational Carbon (87-91 St Vincent St, Port

Together we create change in the world The Redevelopment of a Boutique Office With No Operational Carbon (87-91 St Vincent St, Port Adelaide) Agenda 1. Project Overview 2. Building Innovation & Green Building Fund 3. Project Eligibility

363 views • 20 slides
IPv6 Avanzado Introduccin Toms Lynch LACNOG WHERE ARE WE? IPv4 Yes, the IPv4 pool

IPv6 Avanzado Introduccin Toms Lynch LACNOG WHERE ARE WE? IPv4 Yes, the IPv4 pool

IPv6 Avanzado Introduccin Toms Lynch LACNOG WHERE ARE WE? IPv4 Yes, the IPv4 pool IPv4 with NAT/Tunnels But we can use IPv4 and NAT or Tunnels!!! Yeah, right IPv6 IPv6 Readiness Laptops, pads, mobile phones, dongles,

477 views • 19 slides
Secure Key Generation from Biased PUFs Roel Maes, Vincent van der Leest, Erik van der Sluis

Secure Key Generation from Biased PUFs Roel Maes, Vincent van der Leest, Erik van der Sluis

Secure Key Generation from Biased PUFs Roel Maes, Vincent van der Leest, Erik van der Sluis (Intrinsic-ID) Frans Willems (TU Eindhoven) Introduction PUF-based key generation Key Response Key PUF Generation Helper Data Noisy Key Key

496 views • 16 slides
Initial estimate of sediment toxicants beyond estuary mouths in Western Port Vincent Pettigrove,

Initial estimate of sediment toxicants beyond estuary mouths in Western Port Vincent Pettigrove,

Initial estimate of sediment toxicants beyond estuary mouths in Western Port Vincent Pettigrove, Simon Sharp & Jackie Myers Centre for Aquatic Pollution Identification and Management (CAPIM) Toxicants in sediments: a screening study Key

903 views • 36 slides
IPv6 Presentation Template (Make this title your own!) Whats happening with IPv4? IPv4

IPv6 Presentation Template (Make this title your own!) Whats happening with IPv4? IPv4

IPv6 Presentation Template (Make this title your own!) Whats happening with IPv4? IPv4 exhaustion (link to RIRs and highlight relevant trends for your region) Regional Internet Authorities are in various phases of IPv4 exhaustion

486 views • 13 slides
Is there available IPv4 space in the LAC region? Sergio Rojas sergio@lacnic.net IPv4 IPv4

Is there available IPv4 space in the LAC region? Sergio Rojas sergio@lacnic.net IPv4 IPv4

Is there available IPv4 space in the LAC region? Sergio Rojas sergio@lacnic.net IPv4 IPv4 space 4.294.967.296 IP addresses (not all of them are usable) It seems a lot of space, right? But the world population is almost 7 billion

201 views • 16 slides
IPv4 Pricing and Transfer Update Sandra Brown IPv4 Market Group January 19, 2016 IPv4 Life

IPv4 Pricing and Transfer Update Sandra Brown IPv4 Market Group January 19, 2016 IPv4 Life

IPv4 Pricing and Transfer Update Sandra Brown IPv4 Market Group January 19, 2016 IPv4 Life Cycle Events ARIN Runout RIPE Inter-RIR Transfers /8s come to market IPv6 Adoption 2 Factors Affecting Pricing # OF IP TRANSFERS

223 views • 8 slides
IPv4 Exhaus,on And IPv6 Deployment Carlos Mar)nez @Sint-Maarten Internet Week IPv4 There

IPv4 Exhaus,on And IPv6 Deployment Carlos Mar)nez @Sint-Maarten Internet Week IPv4 There

IPv4 Exhaus,on And IPv6 Deployment Carlos Mar)nez @Sint-Maarten Internet Week IPv4 There are 4,294,967,296 IPv4 addresses (32 bits long) but not all of them can be used Looks like a lot, right? But... World popula)on currently stands

501 views • 27 slides
Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4

Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4

Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4 addresses have 32 bits only not enough for 1 IP address per person dynamic IPs, NAT, Manual configuration time consuming (in larger

655 views • 16 slides
SIIT-DC: IPv4 Service Contjnuity for IPv6 Data Centres Tore Anderson Redpill Linpro AS UKNOF36,

SIIT-DC: IPv4 Service Contjnuity for IPv6 Data Centres Tore Anderson Redpill Linpro AS UKNOF36,

SIIT-DC: IPv4 Service Contjnuity for IPv6 Data Centres Tore Anderson Redpill Linpro AS UKNOF36, London, January 2017 Incremental IPv6 deployment in DC IPv4-only IPv4-only + IPv6 via NAT/proxy/etc Dual-stacked public frontend, IPv4 BE Full

550 views • 15 slides
Ethernet Port Evolution Joel Halpern Joel.halpern@ericsson.com First though An Input Ethernet

Ethernet Port Evolution Joel Halpern Joel.halpern@ericsson.com First though An Input Ethernet

Ethernet Port Evolution Joel Halpern Joel.halpern@ericsson.com First though An Input Ethernet Port and and Output Ethernet Input PortPort IPv4 and IPv6 Information Ethernet Port VLAN Information Put all the interface information in

374 views • 6 slides
Exhaustion of IPv4 Address in 2010 Exhaustion of IPv4 Address in 2010 Associate Professor Dr.

Exhaustion of IPv4 Address in 2010 Exhaustion of IPv4 Address in 2010 Associate Professor Dr.

802.16 IP Telephony Lab Exhaustion of IPv4 Address in 2010 Exhaustion of IPv4 Address in 2010 Associate Professor Dr. Quincy Wu solomon@ipv6.club.tw Graduate Institute of Communication Engineering National Chi Nan University 1 1

943 views • 77 slides
Automated Waitlist Arrives at PSU Overview Review of Current Manual Waitlist Function

Automated Waitlist Arrives at PSU Overview Review of Current Manual Waitlist Function

Automated Waitlist Arrives at PSU Overview Review of Current Manual Waitlist Function Manual waitlist activates when enrollment cap reached. Slot is reserved for waitlist student when enrollment drops below cap. Departments

461 views • 22 slides
Web Banner Opportunities IM IMEX In In Frankfurt 2018 Why a a Web Ban anner? All our buyers

Web Banner Opportunities IM IMEX In In Frankfurt 2018 Why a a Web Ban anner? All our buyers

Web Banner Opportunities IM IMEX In In Frankfurt 2018 Why a a Web Ban anner? All our buyers need to prep for IMEX from booking appointments to picking the best after- show parties and the only place to do it is this website. A

350 views • 9 slides
DANVILLE EXISTING BANNER SERIES EVENTS LOGO SPRING FALL HOLIDAY DANVILLE BANNER SERIES SUITE

DANVILLE EXISTING BANNER SERIES EVENTS LOGO SPRING FALL HOLIDAY DANVILLE BANNER SERIES SUITE

DANVILLE EXISTING BANNER SERIES EVENTS LOGO SPRING FALL HOLIDAY DANVILLE BANNER SERIES SUITE (POTENTIAL COMBINATION) EVENTS SERIES LOGO SPRING HOLIDAY FALL OPTION 1 OPTION 2 OPTION 3 EXISTING LOGO BANNER A DANVILLE OAK TREE B

463 views • 11 slides
Document Management in Self-Service Banner Prepared by: Annette Perez Version: March 29, 2018 1

Document Management in Self-Service Banner Prepared by: Annette Perez Version: March 29, 2018 1

How to use Banner Document Management in Self-Service Banner Prepared by: Annette Perez Version: March 29, 2018 1 BDMS will help with: Document management Easy access No more snail mail Approvers can see back up quotes, etc. 2

238 views • 22 slides
Alabama State University Faade Banners: Digitally printed on reinforced vinyl. P R I N T D

Alabama State University Faade Banners: Digitally printed on reinforced vinyl. P R I N T D

P R I N T D I S P L A Y D C O R Prepared for: Alabama State University Faade Banners: Digitally printed on reinforced vinyl. P R I N T D I S P L A Y D C O R Pole Banners: 2-color silkscreen imprint on single-ply

96 views • 9 slides
CUI MARKING 101 CUI Program Office Greg Pannoni Associate Director Mark Riddle Principal for

CUI MARKING 101 CUI Program Office Greg Pannoni Associate Director Mark Riddle Principal for

CUI MARKING 101 CUI Program Office Greg Pannoni Associate Director Mark Riddle Principal for the CUI Program Oversight Devin Casey Lead for Program Implementation Charlene Wallace Lead for Agency Training and Awareness Evan Coren Program

722 views • 56 slides
1 4 3 PRINCE STREET (4 4 5 WEST BROADWAY ) NEW Y ORK, NY 1 0 0 1 2 1 4 3 PRINCE STREET

1 4 3 PRINCE STREET (4 4 5 WEST BROADWAY ) NEW Y ORK, NY 1 0 0 1 2 1 4 3 PRINCE STREET

1 4 3 PRINCE STREET (4 4 5 WEST BROADWAY ) NEW Y ORK, NY 1 0 0 1 2 1 4 3 PRINCE STREET BANNER AND BANNER POL E PROPOSAL P-0 0 0 L OCATION PL AN NA 1 6 -1 0 0 5 1 1 .0 1 .1 7 NEW BANNER POL E BL ACK BANNER FL AG L OCK-UP

246 views • 9 slides
THE NUCLEAR TRAINEES PROGRAM: A STRONG ENGIE BANNER N. VAN AUTRVE H. DRUENNE J-J. JADOT A.

THE NUCLEAR TRAINEES PROGRAM: A STRONG ENGIE BANNER N. VAN AUTRVE H. DRUENNE J-J. JADOT A.

THE NUCLEAR TRAINEES PROGRAM: A STRONG ENGIE BANNER N. VAN AUTRVE H. DRUENNE J-J. JADOT A. BATTAGLIA Revenues, workforce and capacity by region* 74,7 billion 152,900 115.3 gigawatts 10.5 gigawatts in 2014 revenues employees of

359 views • 17 slides

More recommend