Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University...
Transcript of Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University...
![Page 1: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/1.jpg)
Addressing IPv6 Vulnerabilities on Small Business Networks
Bradley Haines Vincent Pullano
University of CincinnatiCollege of Education, Criminal Justice, and Human Services
May 7, 2012
![Page 2: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/2.jpg)
2B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• Problem Description• Describe Solution• Intended Use• Deliverables• Demonstration• Conclusion• Questions
Overview
![Page 3: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/3.jpg)
3B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• IPv6 link-local networks• Improperly implemented
networks• Poor hardware IPv6
support• Growing number of
vulnerabilities• Lack of publicly available
preconfigured/easy to use IPv6 monitoring solutions
Problem
![Page 4: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/4.jpg)
4B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• Preconfigured IDS– Monitor network, send alerts– Ease of use top priority– SecurityOnion, Linux IDS-centric Distro– Snort sensor, OSSEC Web GUI/Notifier
• Initial quick setup document• Primer of known IPv6 Vulnerabilities• Reference of proper implementation
Solution - Overview
![Page 5: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/5.jpg)
5B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• Popular intrusion detection system• CLI based, not easy for casual users• Displays alerts, but not always easy to
understand• No immediate overview of network health
Solution – IDS – Snort
![Page 6: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/6.jpg)
6B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• GUI frontend to Snort• Easy to view events• Reporting capabilities• Simple custom
alerting• Email alerts• Minimal configuration
Solution – IDS – OSSEC
![Page 7: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/7.jpg)
7B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
Solution – Diagram
![Page 8: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/8.jpg)
8B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• Small business system/network administrators• No dedicated security team• No IPv6 considerations internally• No time to learn and set up complex
integrated systems
Intended Use
![Page 9: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/9.jpg)
9B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• Implement Snort/OSSEC on Security Onion VM• Create vulnerability triggers for Snort• Configure IDS to send detection alerts• Configure IDS Web GUI• Primer on known vulnerabilities• Guide to further resources for implementing
IPv6 securely
Deliverables
![Page 10: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/10.jpg)
10B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• Vulnerability triggering alert– RH0 amplification attack
• Snort IPv6 Rules• Email alerts to administrator
Demonstration
![Page 11: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/11.jpg)
11B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
• IPv6 networks are vulnerable• Off the shelf, low cost, configured IPv6
monitoring doesn’t exist• Our IDS makes it easy to monitor small
networks
Conclusion
![Page 12: Addressing IPv6 Vulnerabilities on Small Business Networks Bradley HainesVincent Pullano University of Cincinnati College of Education, Criminal Justice,](https://reader030.fdocuments.us/reader030/viewer/2022032701/56649c7b5503460f9492f664/html5/thumbnails/12.jpg)
12B. Haines / V. Pullano
Addressing IPv6 Vulnerabilities on Small Business Networks
Questions?