Evasion of High-End IDPS Devices at the IPv6 Era

Explore the critical security vulnerabilities in IPv6 networks and learn how to exploit weaknesses in high-end Intrusion Detection and Prevention Systems (IDPS). Delve into four distinct techniques that allow attackers to bypass security measures and launch undetected attacks, from port scanning to SQL injection. Examine the implications of IPv6 depletion, the prevalence of IPv6-enabled devices, and the security challenges posed by this "new" layer-3 protocol. Analyze detailed attack scenarios and their impact on IDPS devices and firewalls. Gain insights into both short-term and long-term mitigation strategies to protect networks from these threats. Cover topics such as the Ricochet Surrogate technique, using Wireshark for analysis, and the importance of RFC 7112 in addressing IPv6 security concerns.

Introduction
What is IPv6
Problems with IPv6
Security enforcement
Ricochet Surrogate
Demo
Wireshark
What could be done
RFC 7112
Questions