Some talks about IPv6 security
During the past few weeks I gave several talks about IPv6 security, at different venues. The first venue was LACNIC XV, held in Cancun (Mexico), where I gave a tutorial…
IPv6 myths: Debunking misconceptions regarding IPv6 security features
An article I authored for searchsecurity.techtarget.com has just been published. The articled is entitled "IPv6 myths: Debunking misconceptions regarding IPv6 security features" and discusses a number of myths that have…
Smartphones and location-tracking (Dilbert strip)
Reminds me of the iPhone & Andriod issue that made the news a while ago:iPhone: http://blogs.cisco.com/security/iphone-location-tracking-important-even-if-it-doesnt-matter-to-you/Android: https://github.com/packetlss/android-locdumpP.S.: No need to mention that I'm a DIlbert fan ;-)
RA-Guard evasion and related vulnerabilities
I've just published two new IETF Internet-Drafts, that document the problem of RA-Guard evasion, and propose mitigations.They are two Internet-Drafts:IPv6 Router Advertisement Guard (RA-Guard) Evasion, available at: http://tools.ietf.org/id/draft-gont-v6ops-ra-guard-evasion-00.txtSecurity Implications of…
RFC 6191: Reducing the TIME-WAIT State Using TCP Timestamps
A new IETF RFC that I have authored has been published. It is RFC 6191, entitled "Reducing the TIME-WAIT State Using TCP Timestamps". The Abstract of the RFC is:This document…
The RSA SecurID Problem
Steven Bellovin posted an analysis of the widely-publicized RSA SecurID issue. His analysis is available here.
Biometric controls (Malaysia car thieves steal finger)
From a BBC article:Malaysia car thieves steal fingerPolice in Malaysia are hunting for members of a violent gang who chopped off a car owner's finger to get round the vehicle's…
Software quality (Dilbert comic strip)
Dilbert always gets it right: -)Visit dilbert.com for more comic strips! ;-)
Why IPv6 won’t rid the Internet of Network Address Translation
SearchEnterpriseWAN.com has published an article entitled "Why IPv6 won't rid the Internet of Network Address Translation" that I have authored for them.The article begins with:Why IPv6 won't rid the Internet…
Recommendations for Transport-Protocol Port Randomization (IETF RFC 6056)
Folks,Our document "Recommendations for Transport-Protocol Port Randomization" has just been published as IETF RFC 6056.The Abstract of the RFC is:During the last few years, awareness has been raised about a…