Security aspects in IPv6 networks - implementation and testing

IPv6 protocol, which should replace the actual IPv4 protocol, brings many new possibilities and improvements considering simplicity, routing speed, quality of service and security. In comparison to IPv4, IPv6 improves mechanisms for assuring a secure and confidential transfer of information. Despite these improvements, network security remains a very important issue since there are some security threats and attack types that can affect IPv6 network. This paper deals with security issues in IPv6 networks. Security improvements and extensions in the IPv6 protocol are described and explained. Also, security comparison to IPv4 is made. A description of the experimental IPv6 network and a description of tools used for security testing are presented in the paper. Security threats similar in IPv4 and IPv6 networks are described, and some security issues specific for IPv6 networks are also analysed. Different types of attacks in IPv6 networks are analysed and some suggestions for their avoidance are given. Considering security, especially problematic is the transition period of coexistence of both protocols. Because of that, security issues due to different transition mechanisms are analysed. Further, the paper studies firewalls in IPv6 networks. Implementation of firewalls in IPv6 networks and IPv6 specific firewall configurations are analysed. Different tests of firewalls are performed, and their results are analysed. Also, comparison with IPv4 firewalls is made. Some suggestions referring to proper deployment of firewalls are given. This paper also deals with detection of unauthorised intrusion. Different approaches to intrusion detection are explained and different types of intrusion detection systems are described. Suggestions for proper positioning of intrusion detection systems in the local area network are given. In absence of non-commercial intrusion detection systems with IPv6 support, some alternative possibilities of intrusion detection are explained. The paper analyses methods of intrusion detection by using tools for network traffic capturing and analysis (with IPv6 support). Different types of attacks are performed and their effects are presented and explained. Instructions for recognition and detection of different attacks are given. Some recommendations for avoiding certain attack types or reducing their effect are given. Practical advices and guidelines in implementation of security mechanisms for packet filtering and detection of unauthorized intrusion are emphasized. Finally, some recommendations for improving security mechanisms and guidelines for further development of intrusion detection systems with IPv6 support are given. (C) 2007 Elsevier Ltd. All rights reserved.