Training Courses‎ > ‎

IPv6 Hacking Crash Course



The IPv6 protocol suite was designed to accommodate the present and future growth of the Internet, by providing a much larger address space than that of its IPv4 counterpart, and is expected to be the successor of the original IPv4 protocol suite. The imminent exhaustion of the IPv4 address space has resulted in the deployment of IPv6 in a number of production environments, with many other organizations planning to deploy IPv6 in the short or near term.

There are a number of factors that make the IPv6 protocol suite interesting from a security standpoint. Firstly, being a new technology, technical personnel has much less confidence with the IPv6 protocols than with their IPv4 counterpart, and thus it is more likely that the security implications of the protocols be overlooked when the protocols are deployed. Secondly, IPv6 implementations are much less mature than their IPv4 counterparts, and thus it is very likely that a number of vulnerabilities will be discovered in them before their robustness matches that of the existing IPv4 implementations. Thirdly, security products such as firewalls and NIDS’s (Network Intrusion Detection Systems) usually have less support for the IPv6 protocols than for their IPv4 counterparts. Fourthly, the security implications of IPv6 transition/co-existence technologies on existing IPv4 networks are usually overlooked, potentially enabling attackers to leverage these technologies to circumvent IPv4 security measures in unexpected ways.
The imminent global deployment of IPv6 has created a global need for security professionals with expertise in the field of IPv6 security, such that the aforementioned security issues can be mitigated. 

While there exist a number of courses and trainings about IPv6 security, they either limit themselves to a high-level overview of IPv6 security, and/or fail to cover a number of key IPv6 technologies (such as transition/co-existence mechanisms) that are vital in all real IPv6 deployment scenarios. During the last few years, SI6 Networks has offered its flagship course “Hacking IPv6 Networks”, providing in-depth hands-on IPv6 security training to networking and security professionals around the world.

IPv6 Hacking Crash Course provides a full-day intensive IPv6 hacking experience, focusing on hands-on IPv6 hacking exercises. The training is carried out by Fernando Gont, a world-renowned IPv6 security expert.

Learning Objectives

This course will provide the attendee with a full-day intense IPv6 hacking experience, focusing on hands-on IPv6 hacking exercises. IPv6 theory is reduced to a minimum, and participants are guided through a series of hands-on exercises ranging from IPv6 network reconnaissance to a number of IPv6-based Denial of Service attacks.

This course will employ a range of open source tools to evaluate the security of IPv6 networks, and to provide live demos of many IPv6 vulnerabilities. During the course, the attendee will perform a large number of exercises in a network laboratory (with the assistance of the trainer) and on the public IPv6 Internet, to get a real experience of what IPv6 security is all about.

Who Should Attend

Network Engineers, Network Administrators, Security Administrators, Penetration Testers, and Security Professionals in general.

Participants Are Required To

Participants are required to have a good understanding of the IPv4 protocol suite (IPv4, ICMP, etc.) and of related components (routers, firewalls, etc.). Additionally, the attendee is expected to knowledge about basic IPv4 troubleshooting tools, such as: ping, traceroute, and network protocol analyzers (e.g., tcpdump)

What to bring

Attendees willing to perform the hands-on exercises are expected to bring a laptop, and an empty memory stick (of at least 4 GB). The minimum requirements for the laptop are: Intel Core Duo, 1.66 GHz. 1GB of RAM. CD/DVD drive. Ethernet and Wi-Fi network interface cards.

Course Length

1 day

Topics covered by this course

Brief Introduction to IPv6
Address scanning in IPv6
IPv6 Extension Headers and IPv6 Options for fun and profit
ICMPv6 for network reconnaissance
IPv6 Neighbor Discovery Attacks
Stateless Address Auto-configuration (SLAAC) Attacks
Dynamic Host Configuration Protocol version 6 (DHCPv6) attacks
DNS tricks for IPv6
IPv6 firewalls
Playing with IPv6 Transition/co-existence technologies (6to4, Teredo, ISATAP, etc.)
Network reconnaissance in IPv6
VPN-leakages in dual-stack and IPv4-only networks
Security Implications of IPv6 on IPv4-only networks
Miscellaneous topics

About the Instructor

Fernando Gont specializes in the field of communications protocols security, working for private and governmental organizations both in Argentina and overseas.

Gont has worked on a number of projects for the UK National Infrastructure Security Co-ordination Centre (NISCC) and the UK Centre for the Protection of National Infrastructure (CPNI) in the field of communications protocols security. As part of his work for these organizations, he has written a series of documents with recommendations for network engineers and implementers of the TCP/IP protocol suite.

Gont is a member of the Centro de Estudios de Informatica (CEDI) at Universidad Tecnológica Nacional/Facultad Regional Haedo (UTN/FRH) of Argentina, where he works in the field of Internet engineering. As part of his work, he is active in several working groups of the Internet Engineering Task Force (IETF), and has published more and a dozen IETF RFCs (Request For Comments).

Gont has been a speaker at a number of conferences and technical meetings about information security, operating systems, and Internet engineering, including: CanSecWest 2005, BSDCan 2005, BSDCan 2009, Midnight Sun Vulnerability and Security Workshop/Retreat 2005, FIRST Technical Colloquium 2005, Kernel Conference Australia 2009, DEEPSEC 2009, HACK.LU 09, IETF 64, IETF 67, IETF 73, IETF 76, LACNIC X, LACNIC XI, LACNIC XII, LACNOG 2010, and Hack In Paris 2011.

More information about Fernando Gont is available at his web site: