Design of a system for testing security in IPv6 networks and processing incidents containing private addresses

Czech title:Návrh systému pro testování zabezpečení sítě IPv6 a zpracování incidentů v prostoru privátních adres
Reseach leader:Grégr Matěj
Team members:Korček Pavol
Agency:CESNET National Research and Education Network
Start:2015-06-01
End:2016-06-30
Keywords:IPv6, security, NetFlow, NAT
Annotation:
IPv6 protocol is deployed in most cases together with network address translation technique (NAT). The combination of IPv6 deployment and NAT introduces several issues for network administrators. Firstly, the network administrator must ensure the same level of security both for IPv6 and IPv4 networks. Secondly, NAT raises an issue with trackig security incidents because it is necessary to correctly bind global and private IPv4 addresses. The project aims to solve these issues. Active networking probe will be developed to test the protection of IPv6 network against known vulnerabilities. Information about binding between global and private IPv4 addresses will be solved by developing a plugin for current NetFlow probes. The plugin will export all necessary information about network translation thus allowing network administrator to trace back a security incident. The outcomes of the project will help to test the security of IPv6 network and provides all information to easily trace back a security incident even in network with private IPv4 addresses.

Products

2016System for testing IPv6 network security, software, 2016
Authors: Dražil Jan, Fukač Tomáš, Grégr Matěj, Korček Pavol, Košař Vlastimil, Pivarník Jozef, Polčák Libor
 Tool for processing security incidents in private networks, software, 2016
Authors: Grégr Matěj

Publications

2015GRÉGR Matěj. Souhrnná zpráva k projektu Návrh systému pro testování zabezpečení sítě IPv6 a zpracování incidentů v prostoru privátních adres za rok 2015. Brno: CESNET National Research and Education Network, 2015.
 PODERMAŃSKI Tomáš and GRÉGR Matěj. Implementujeme Carrier Grade NAT: Nečekané nástrahy. ROOT, informace nejen ze světa Linuxu. Praha: 2015, vol. 2015, no. 1, pp. 1-10. ISSN 1212-8309.
 PODERMAŃSKI Tomáš and GRÉGR Matěj. Implementujeme Carrier Grade NAT: Zákon, alternativy a IPv6. ROOT, informace nejen ze světa Linuxu. Praha: 2015, vol. 2015, no. 1, pp. 1-10. ISSN 1212-8309.
 PODERMAŃSKI Tomáš and GRÉGR Matěj. Implementujeme Carrier Grade NAT: Zálohování. ROOT, informace nejen ze světa Linuxu. Praha: 2015, vol. 2015, no. 1, pp. 1-10. ISSN 1212-8309.

Your IPv4 address: 54.198.108.19
Switch to IPv6 connection

DNSSEC [dnssec]