security

NCSC has published a new version of their IPv6 white paper

The Dutch National Cyber Security Centre has put a new version (2.0) of their IPv6 white paper online. It is written in cooperation with a number of experts from public and private organizations. Dennis Silva and I also helped out and our article “Niets doen is geen optie”, published in Computable 04-06-2012, was used as one of the references. This article was based on our own IPv6 white paper that we wrote last year and it provided interesting input for discussions on what transition scenarios are feasible and what risks they come with.

It was great to be part of this and I’m proud to see our names, and the company’s, being mentioned in the list of references and contributors. 🙂

The paper is published here: http://www.ncsc.nl/dienstverlening/expertise-advies/kennisdeling/whitepapers/ip-versie-6-ipv6.html

In this version of the IPv6 paper, there is more focus on security risks of migration scenarios. Depletion of the IPv4 address space means that everyone at some point has to decide on an IPv6 strategy. With every scenario, whether it is ‘doing nothing’ or going for a full native IPv6 implementation, comes risk. For instance, 6in4 tunnels can provide unwanted access into secured networks and the default enabled IPv6 in many OSes can provide unnoticed connectivity between nodes that are thought to be isolated.

Erwin