World IPv6 Launch 6.6.2012

World IPv6 Launch is coming after just few days. June 6th may seem like any other day to you, but a group of network operators, kit-makers and websites have determined it will become “World IPv6 launch day”. It means that major Internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world are coming together to permanently enable IPv6 for their products and services by 6 June 2012. AT&T, Comcast, Facebook, Google, Cisco, and Microsoft are among the companies participating. The Internet Society, Bing, Facebook, Yahoo!, Google, Comcast, Akamai, AT&T, Cisco and other tech heavyweights are all aboard the IPv6 launch day bandwagon.

Wednesday’s World IPv6 Day is only one step in the transition to the next-generation system, it’s expected to mark the beginning of a gradual (but slow) decline in popularity of the outgoing IPv4 standard. The participating Internet providers will begin to switch over a fraction of their residential subscribers on Wednesday, and router makers will enable IPv6 by default for their products. Home networking kit makers are taking perhaps the biggest step, by shipping IPv6-enabled kit as default. Just four vendors – Cisco, D-Link, NEC AccessTechnica and ZyXEL have made that commitment. Participating ISPs have ensured that at least 1% of their residential wireline subscribers who visit participating websites will do so using IPv6.

logo-top

Turning on IPv6 was tried for one day about one year go at IPv6 day @ 8 June 2011. At the time only very few people at the time had problems at that time, so no major problems are expected now. If you are in doubt does everything work well you on IPv6 day and after it, try the IPv6 test links mentioned on my IPv6 day @ 8 June 2011 article. If everything is done right, customers will not even notice the change to IPv6.

As the Internet prepares to celebrate World IPv6 Day, law enforcement is worried the transition could hinder legitimate investigations. FBI: New Internet addresses could hinder police investigations article tells that the FBI is worried that an explosion of new Internet numeric addresses scheduled to begin next week may hinder its ability to conduct electronic investigations. Some tech companies agree it’s a concern. It will “impact a service provider’s ability to readily respond to legal requests from law enforcement agencies,” according to the Broadband Internet Technical Advisory Group, or BITAG.

At the moment police can obtain a court order to trace an IPv4 Internet address such as 64.30.224.26 back to a single household. In theory, intercepting IPv6-only traffic isn’t any different from intercepting IPv4 traffic. Readily available sniffing tools such as tcpdump and Wireshark can decode IPv6 packets. In practice, however, some hurdles can arise. Any computer with IPv6 has built-in encryption called IPsec, so the frequency of use if it most probably increases with IPv6. IPsec is still not yet widely used. Neither are HTTPS encrypted connections. The FBI says it’s paying close attention to these aspects of IPv6.

28 Comments

  1. Tomi Engdahl says:

    The largest Internet network services, such as Facebook and Google have since moved from Wednesday, and a transition to IPv6. Enterprise security and network experts have reviewed their systems with IPv6 in as soon as is already part of the Internet traffic based on the new protocol.

    “In enterprise networks is already likely to IPv6 traffic, even though the company’s IT department would not have decided to go to did not know,” says telecom operator TDC’s Chief Technology Officer Jorma Mellin.

    “The transition has not been in a hurry, but IPv6 traffic can bring surprises. For that reason, some network applications may stop working. Firewall can also be gaps, as ipv6 is in a different way,” says Jorma Mellin.

    “This is like an evolutionary change. Ten years is probably in IPv4 and IPv6 networks in parallel,” says network maintenance manager Jarkko Helin, TeliaSonera.

    Internet users should not be Helin says to note the transition to IPv6 in any way.

    Telecom operator TDC has reached 100 ipv6-customers. TeliaSonera permission to ipv6 connections from today. “Corporate subscriptions customers can now register IPv6 addresses,” said Jarkko Helin.

    In Finland, Elisa prepares for IPv6 mobile network.

    The long-awaited ipv6 technology requires attention to

    As corporate asset is tested for servers, workstations, printers and network compatibility.
    IPv4 and IPv6 networks can not communicate directly with each other, but the addresses must be converted between.
    Application developers and other IT professionals need to be tested programs, security, and compatibility with the IPv6 protocol.
    IPv6 technology based on the 128-bit address book, which means up to two 128′s IP address. The current IPv4 technology February 32, or about 4.3 billion public-ip-address of the border already looms as the top-level address space, IP addresses have already been allocated.
    IPv6 technology standardization has already begun in the early 1990s.
    The current IPv4 technology interfaces should run broadly parallel with IPv6 technology, with at least another ten years.

    Source: http://www.3t.fi/artikkeli/uutiset/teknologia/internetin_suuri_ipv6_muutos_vaatii_testaamista

    Reply
  2. Tomi Engdahl says:

    5 ways your ISP’s failure to move to IPv6 could affect you
    http://digg.com/newsbar/topnews/5_ways_your_isp_s_failure_to_move_to_ipv6_could_affect_you

    Wednesday is World IPv6 Launch Day, a time when ISPs, major websites and network engineers will permanently flip the switch over a different form of addressing system. For the most part, the IPv6 transition will go unnoticed and few will care about what is an arcane and important element of Internet architecture. But here’s where things may go wrong as IPv4 lingers.

    At its heart the IPv6 addressing issue is exactly that… a big change to a new type of address.

    But darned if the growth of the web (all those servers!) and the growth of consumer devices (all those smartphones!) hasn’t caused the 32-bit addresses to run out. So since about 2007 people started pushing ISPs and websites to switch over to IPv6, which allows for 128-bit numbering system (or a total of 340,282,366,920,938,463,463,374,607,431,768,211,456 possible addresses). But because of a variety of workarounds put in place by ISPs and the general lack of hellfire and damnation to ensure ISPs and web companies make the change or risk getting cut off from the Internet, the transition to IPv6 is happening slowly.

    But here’s how the delay in shifting to IPv6 and the reliance on a workaround could affect you, as a consumer according to a report from the Broadband Internet Technical Advisory Group.

    Trouble with iTunes or Google Maps: For example, some applications, such as Apple iTunes and Google Maps make use of multiple ports for a single transaction. A single user running a single instance of an application on one personal computer may encounter no issues, while a family of four using multiple Internet connected devices concurrently could experience a situation where an open port is unavailable.

    Security: When users share one IP address, the ISP generally creates an abstraction layer to determine where the packets need to go to in the home. But this abstraction layer becomes a security risk. By attacking one IP address, a hacker could take down or infect all Internet-connected devices in a home. It becomes a single point of failure.

    Court orders and DMCA takedowns: Shared IP addresses can make it hard for an ISP to determine who is actually downloading copyright materials.

    Pixellated YouTube videos: The workarounds associated with either sharing a single IP address among a block of users or even a block of homes is just one option. Another is running both networks simultaneously and translating traffic between them.

    Stories about IPv6: As long as networks linger in the land of IPv4 every June, it’s possible you will have to see headlines talking about the need to get everyone to transition to IPv6. Hopefully, ISPs and major web sites are getting on the ball.

    6. State timeouts. Imagine you’re working on SSH and you’re idle for 5 or 10 minutes. Without fast keep alive packets, that session will drop. You actually see this a lot on mobile networks right now. Even if CGN/LSN implementations have the memory to keep long states, they can’t, as port exhaustion will be a huge problem.

    Reply
  3. Tomi Engdahl says:

    After Launch Day: Taking Stock of IPv6 Adoption
    http://tech.slashdot.org/story/12/06/07/1752201/after-launch-day-taking-stock-of-ipv6-adoption

    “So how did World IPv6 Launch go? Surprisingly well, according to a participants at the event. Google said that it has seen a 150% growth in IPv6 traffic, Facebook now has 27 million IPv6 users and Akamai is serving 100x more IPv6 traffic.”

    But it’s still a ‘brocolli’ technology’
    ‘I still think it is a tech everybody knows it would be good if we ate more of it but nobody wants to eat it without the cheese sauce.’

    “According to Google statistics, Romania leads the way with a 6.55% adoption rate, followed by France with 4.67%. Japan is on the third place so far with 1.57% but it seems here ‘users still experience significant reliability or latency issues connecting to IPv6-enabled websites.’ In the U.S., and China the users have noticed infrequent issues connecting to the new protocol, but still the adoption rate is 0.93% and 0.58%, respectively.”

    Reply
  4. international movers glasgow says:

    Action springs not from thought but from a readiness for responsibility.

    Reply
  5. Tomi Engdahl says:

    The 5 Hottest IT Jobs Right Now
    http://www.cio.com/article/712298/The_5_Hottest_IT_Jobs_Right_Now

    If you’re an IT professional with experience building mobile or cloud applications, it’s a good time to be job hunting. That’s because the number of job openings in these areas is up dramatically from last summer.

    “Mobile and cloud are the big categories right now,” said Alice Hill, managing director of Dice.com.

    Also growing – but not as quickly – is the demand for network engineers and skills related to IPv6, the next-generation Internet Protocol.

    Reply
  6. Tomi Engdahl says:

    Top testing challenges for the connected home: IPv6 and TR-069
    http://www.edn.com/design/test-and-measurement/4391911/Top-testing-challenges-for-the-connected-home–IPv6-and-TR-069

    The University of New Hampshire InterOperability Laboratory (UNH-IOL) recently launched the Home Networking Consortium, which provides the broadband industry with a one-stop shop for both Broadband Forum TR-069 testing and Internet Protocol version 6 (IPv6) Ready carrier premises equipment (CPE) Logo testing.

    As the world’s only official laboratory for all Broadband Forum TR-069 testing and the only approved laboratory for IPv6 Ready CPE Logo testing in North America, the UNH-IOL has unique insight into how testing these two technologies in CPE can help operators connect devices in the home to networks of the future and manage the devices for superior customer service.

    and IPv6 are positioned to be the primary technologies for home networks of the future. Engineers cannot properly design and implement devices and systems without comprehensive, reliable evaluation, however. Testing for these two protocols presents a number of challenges

    Reply
  7. Tomi Engdahl says:

    Now it happened then: ipv4 addresses ran out of the whole of Europe

    European Internet registry maintains Ripe NCC announced on Friday that the IPv4-formatted web addresses are now practically exhausted. They are no longer available.
    Only a small number of addresses are available in Ripe member operators and local registers.

    Ripe comes to ration the remaining of the 16 million addresses

    North America, the ipv4 addresses are calculated to end in early 2013.

    The use of IPv6 is still relatively low

    Source: http://www.tietoviikko.fi/kaikki_uutiset/nyt+se+sitten+kavi+ipv4osoitteet+loppuivat+koko+euroopasta/a839436?s=r&wtm=tietoviikko/-17092012&

    Reply
  8. Tomi Engdahl says:

    RIPE NCC handing out last European IPv4 addresses
    Going, going, almost gone
    http://www.theregister.co.uk/2012/09/18/ripe_ncc_last_ipv4_addresses/

    Anyone who wants some more IPv4 addresses can still get them, provided they are already signed up to acquire IPv6 addresses from RIPE NCC or another internet registry. Even if an entity qualifies on those criteria, RIPE NCC will dispense only 1024 IPv4 addresses. No new IPv4 users will be granted any addresses.

    Any IPv4 addresses RIPE NCC hands out will come from a reserve called the “last/8”, which has just over 17 million addresses remaining at the time of writing.

    RIPE NCC maintains a small strategic reserve of IPv4 addresses to help it meet temporary demands

    Reply
  9. Tomi says:

    90 days of IPv6
    http://www.karan.org/blog/index.php/2012/10/03/90-days-of-ipv6

    Most people, me included, still consider IPv6 usage to be something not worth worrying about. This comes from the fact that most services are quite happy chugging along with just IPv4 access at both the service provider end and the service consumer end. However, what happens when an IPv6 option shows up ? Here are some numbers, many will find interesting, from the CentOS Mirrorlist service.

    IPv6 is only really usable in some specific setups and in some specific environments / data centers.

    Reply
  10. Tomi Engdahl says:

    Internet fresh ipv6-address system is expected to bring a lot of good. Cert-fi warn now that something nasty became involved: nearly all operating systems, IPv6 deployments have been found in the fault, which allows at least mischief. Correction is unfortunately not known.

    Since vulnerabilities are virtually all operating systems. An attacker can load machines unusable condition. So far, it has become clear that the vulnerable are Windows, Mac OS X, NetBSD and FreeBSD.

    Linux users appear to be safe.

    Vulnerabilities have not been published fixes, so the only way to prevent such denial of service attacks is to connect the IPv6 functionality off.

    Source: http://www.tietokone.fi/uutiset/ipv6_haava_avaa_hyokkaajille_reitin_lahes_kaikkiin_koneisiin

    Reply
  11. wiki.ustea.org says:

    Thanks for discussing your ideas. I’d also like to express that video games have been actually
    evolving. Modern tools and inventions have aided create sensible
    and enjoyable games. These kind of entertainment video
    games were not really sensible when the real concept was first being used.

    Just like other kinds of technological know-how, video
    games also have had to evolve through many
    generations. This is testimony towards fast growth and development of video
    games.

    Reply
  12. Tomi Engdahl says:

    Watch this: IPv4 must die! So let’s beef up on IPv6
    Online training session – free, ungated and on-demand
    http://www.theregister.co.uk/2014/05/23/introduction_to_ipv6_webinar/

    In this 90-minute webinar QA’s John Cannings looks at the shortcomings of IPv4 and how IPv6 answers the needs of today’s communications systems.

    Reply
  13. Tomi Engdahl says:

    The World IPv6 Launch site has measurements of global IPv6 adoption.
    http://www.worldipv6launch.org/measurements/

    Reply
  14. Tomi Engdahl says:

    Comcast Carrying 1Tbit/s of IPv6 Internet Traffic
    http://tech.slashdot.org/story/14/07/24/1835244/comcast-carrying-1tbits-of-ipv6-internet-traffic

    Comcast has announced 1Tb/s of Internet facing, native IPv6 traffic, with more than 30% deployment to customers.

    AT&T at 20% of their network IPv6 enabled, Time Warner at 10%, and Verizon Wireless at 50%.

    Reply
  15. Tomi Engdahl says:

    Is the End of IPv4 at Hand? Not Anytime Soon…
    IPv4 still has a long life ahead
    http://www.eetimes.com/author.asp?section_id=36&doc_id=1327058&

    The American Registry for Internet Numbers (ARIN) has sent out an alert saying its share of the dwindling IPv4 addresses is near rock bottom, so it is going to a stricter procedure for approving requests for those that are left.

    An article in the Washington Post on the ARIN announcement seems to imply that major changes are imminent, but that we are not to worry because IPv6 is available to save us and give us all the URL addresses we need. Only the second part of that is true. Except for many mobile smartphone and tablet users whose wireless service providers are just now making the shift, the transition to IPv6 will take years and even decades. Many existing Internet Service Providers with IPv4 will be around for a long time. Indeed, there is already a growing market for buying used and highly desirable IPv4 addresses.

    IPv6 with its 340 trillion trillion trillion possible unique combinations has been sitting in the wings as a replacement for IPv4 since about 2000.

    But few if any large organizations with the bankroll to establish a presence on the Internet have felt it was economically viable to invest in it until recently.

    Many of those most active in making the shift are in mobile smartphone markets, including AT&T, Google, T-Mobile, and Verizon. Most of them are still only half-way through their deployment and testing on IPv6.

    Even with the number of its remaining unique addresses drying up, IPv4 still accounts for 93 percent of worldwide Internet traffic.

    The reason there is not a rush on IPv6 is simple: economics. Most local, regional, and in some cases national Internet Service Providers are not able or are unwilling to pay the expense of transitioning from their existing base of IPv4-based routers, switches, and servers, except on a slow and years-long incremental basis. In the United States, only the largest of ISPs have committed to the transition

    But most second and third tier regional, statewide, and local ISPs who have major investments in IPv4 are not rushing to make the shift. Engineers and technicians at the several regional ISPs I have dealt with directly over the last decade or so point out that there is no compelling end-use application that cannot be done with existing IPv4. Since about 2000, through the use of such traditional techniques as the use of several levels of subdomains, dynamic rather than static network address translation (NAT), destination and stateful NAT, NAT loopbacks, port address translation, and Internet connection sharing, they have been able to keep up with demands, not only for more bandwidth, but more features and flexibility.

    Where such enhancements and workarounds put additional load on their network hardware, IPv4 Internet Service providers are shifting to the use of switches and routers based on more powerful and lower cost multicore processor designs. Also aiding their efforts at improving IPv4 is the shift to systems based on software defined networking (SDN). Such routers and switches depend not on dedicated hardware for separate network functions, but on software-based network function virtualization (NFV) allowing lightning -fast reconfiguration of a variety of network elements.

    While such enhancements of existing IPv4-based systems involve additional investment in hardware and software, this can be done at a lower cost, and on a more piecemeal, as needed, basis rather than by replacing their existing IPv4 systems with IPv6.

    In the U.S. that transition will occur more quickly only if one of three things happen: First, a dramatic use case for IPv6 emerges that triggers a demand from users of the Internet, causing IPv4-based ISP companies to make the shift; second, government action is taken either in the form of significant incentives or through a direct statutory requirement; and third, the economics of maintaining IPv4 becomes unviable. Nothing I see now or in the near future makes any of these likely any time soon.

    Reply
  16. Tomi Engdahl says:

    IPv6 Since 20 Years: Why IPv6 Is Better For Privacy And How To Use It Without ISP Support
    https://tlhp.cf/ipv6-without-isp/

    On 1th December 1995 was published the RFC1883 by Internet Engineering Task Force (IETF) – the beginning of new Internet Layer protocol history. More than 20 years have passed since those day and today approximately 10% of all hosts with support IPv6. Internet access (data from Google Statistics). If we look to
    the Per-Country statistics that say: IPv6 is popular in developed countries with technology power (some exceptions available):

    United States – 24.21 %
    Germany – 22.41 %
    Switzerland – 29.21 %
    Portugal – 24.09 % (funny paradox: Spain – 0.06 %)
    Greece – 19.9 %
    Belgium – fantastic 42.96 %
    Peru – 15.85 %

    Why IPv6?

    The biggest reasons:

    addresses: ~ 4 billion in IPv4 vs 3.4×10^38 in IPv6. Four billion is too small for modern Internet: websites, smartphones, IoT (Internet of Things), web-cameras and many more devices. 3.4 * 10^38 can be explained as one IPv6 address for every 1 mm^2 of the Planet Earth upside
    easy management and configuration – IPv6 networks use autoconfiguration, management of big networks is coherent. Can be used without gateways and NAT.
    IPv6 kill NAT – transparent host to host communications is easy and effective. IPv6 support NAT, but no reason to user it cause public address is very cheaply and available for everyone.
    security – IPv6 has built-in the IPSEC protocol suite. Security of IPv4 networks depends from the software, not from Internet Protocol
    innovations in IPV6: scalability, totally multicasting, network layers, mobility.
    bigger data packages: IPv4 have limit up to 64 kB, IPv6 – 4GB.
    IPv6 hosts can generate local and global addresses with Stateless Address Autoconfiguration (SLAAC). Classic works with DHCP is also supported
    single and simple control protocol – ICPMv6
    modular header of the packet

    Security and privacy in IPv6

    In my opinion the most important feature – end-to-end encryption. This technology also implemented in IPv4, but used as non-universal feature. Encryption and integration features of IPv4 VPN is default standard components of IPv6 and used in all v6-networks. IPv6 also have the tons of privacy extension – for example, your public v6 IP can be hidden without VPN , Tor or others popular tools. MITM (man in the middle attack) is more hard in v6-networks. IPv6 extensions can also prevent tracking users from ISP.

    Hardware & Software Support

    The most of modern routers support IPv6: Cisco/Linksys, Netgear, Mikrotik, Zyxel and others. If your router doesn’t support IPv6 – don’t worry, maybe the OpenWrt or DD-Wrt firmwares can help. Please check the instructions for your device. What about Operation System adn browsers? All modern and old OS support IPv6: Linux, Widows, OS X, Android, iOS, Symbian, Bada and many others.

    The most of big websites now work with IPv6: Facebook, Google, YouTube, Yahoo etc.

    If you need to know about IPv6 support in your current Internet provider (ISP), time to open this websites in a browser: (test-ipv6.com)[http://test-ipv6.com/] or ipv6test.google.com.

    IPv6 without ISP support in 60 seconds

    We can create tunnels and use IPv6 everyday. No, this isn’t like cheap or free VPS service with horrible latency and speed – my speed tests confirm that. You can set up tunnels on your PC, laptop or router. I suggest to use tunnel on router – easy way to migrate all your devices to IPv6.

    Best Way – Tunnelbroker from Hurricane Electric
    Alternative Way – Freenet6 from Gogo6

    Have fun with IPv6

    Reply
  17. Tomi Engdahl says:

    Big question of the day: Is it time to lock down .localhost?
    IETF considering making a new .onion
    https://www.theregister.co.uk/2017/08/08/time_to_lock_down_localhost/

    A proposal to tightly lock down localhost as a reserved top-level domain name has bubbled up to the surface again at the Internet Engineering Task Force.

    The hostname localhost is used just about everywhere: it’s useful for referring to the computer you’re using in front of you, or whatever machine a piece of software is running on. It’s useful during the development of applications and networked systems. So useful, in fact, that it is one of a very few “special” names given formal protection on the internet (the others being “test,” “example,” and “invalid”).

    But, as Google engineer Mike West noted in September last year, the protections in place may not be sufficiently strict. The relevant RFCs covering use of localhost say that the IPv4 block 127.0.0.1/8 and IPv6 block ::1/128 are reserved as loopback addresses: packets to these addresses stay on the local machine, aka the localhost. This localhost name and any names falling within .localhost are reserved, and that programmers can “assume that IPv4 and IPv6 address queries for localhost names will always resolve to the respective IP loopback address.”

    Thus, software connecting to localhost should resolve to, say, 127.0.0.1, and therefore connect to the host machine.

    This may seem tickety-boo, but it doesn’t seem very concrete – particularly when you realize that software is expected to run localhost past DNS resolvers to look up, which are expected to return a loopback address, such as 127.0.0.1. That has resulted, West claims, in people hardcoding localhost to 127.0.0.1 in their system configurations to ensure an external resolver doesn’t hijack localhost.

    Great. So what? Well, the inclusion of a hardcoded IPv4 address is only going to cause problems down the line as we slowly move to IPv6. It’s just bad engineering.

    And now implementation

    Which all seems pretty reasonable and straightforward. Except this being the internet and the IETF, the question is not whether you should do it, but how. And that is where the problems start.

    West put out a revised version of his draft proposal on Sunday, and is looking to move it forward to becoming an IETF standard. The new draft has already prompted online discussion.

    The big question is whether, in order to ensure that “localhost” connections never reach out to the broader internet, you need to add the name to the internet’s root servers.

    One advocate for the new RFC agrees that adding “.localhost” to the root zone is a bad idea “because it would mask implementation errors” – any accidental live connections should get an error.

    Interestingly, where this localhost discussion ends up will probably be indicative of a much bigger issue: how important is IPv6 transition to internet engineers?

    Reply
  18. Tomi Engdahl says:

    IPv6 security
    https://hackaday.com/2021/05/14/this-week-in-security-fragattacks-the-pipeline-codecov-and-ipv6/
    As a new Starlink customer (review coming soon), and consequently using IPv6 for the first time, I’m excited and a bit concerned by IPv6. The excitement should be obvious, but I’m concerned because so many of our security habits and assumptions don’t necessarily translate to IPv6. For example, you probably know exactly what ports, if any, you’re exposing on your public IPv4 address. Have you stopped and thought about what ports are exposed on your IPv6 addresses? Remember that Windows HTTP hack from above? I fully expect to eventually see a worm that replicates over IPv6, though various means.
    There are, thankfully, already some IPv6 port scanning services. It might be worth taking a minute to double-check that your IPv6 firewall is working as intended, if you have IPv6 service. IPv6 is working seamlessly enough that your ISP may have rolled out support without you noticing, but if you are concerned with security, you should notice — we’ve all gotten a bit lax, taking IPv4 NAT routing for granted.

    Reply
  19. Tomi Engdahl says:

    Et saa IPv6 reitittimen taakse, kun DNA:lla prefixi on vain tuo /64. Ratkaisu on esim: https://github.com/cvmiller/v6brouter

    Reply
  20. Tomi Engdahl says:

    https://www.facebook.com/cybersec.prism/photos/a.2047976635522412/2865447637108637/?type=3

    The 128-bit IPv6 addressing format offers 340 sextillion IP addresses, making it extremely future-proof. But, that’s not all; IPv6 is also considered a protocol of better reliability, security and privacy. Also, IPv4 packets are often blocked by corporate firewalls because they could potentially carry malware.

    Today’s networks, whether they have IPv6 deployed in them or not, are largely IPv6-compatible. All modern operating systems and network devices employ IPv6 dual-stacks, in which IPv6 is turned on by default.
    According to the State of Internet IPv6 Adoption Visualisation published by Akamai, India tops the list of all countries with 59.7% IPv6 connections.
    How Does IPv6 Handles Many Security Concerns upfront?

    Actually, IPv6 is vastly different from IPv4, often in complex and subtle ways.

    (1) The IPv6 operating systems create automatically two IPv6 addresses.
    One IPv6 with randomised MAC address in the suffix to hide the device identity and be used for web surfing so that nobody can identify who is connecting to its web site.
    And another IPv6 with real MAC address which is only used for end-to-end encrypted applications. Such services, for the time being, are non-existent but will be available with the next wave of internet innovations.

    (2) IPv6 has a privacy protocol to protect end-user privacy.
    The current internet (v4) lacks effective privacy and effective authentication mechanisms beneath the application layer. IPv6 remedies these shortcomings by having a few integrated options that provide security and privacy services.

    (3) IPv6 can run end-to-end encryption.
    While this technology was retrofitted into IPv4, it remains an optional extra that isn’t universally used. The encryption and integrity-checking used in current VPNs, especially required for work-from-home applications, is a standard feature in IPv6, available for all connections and supported by all compatible devices and systems. Widespread adoption of IPv6 will, therefore, make man-in-the-middle attacks significantly more difficult.

    (4) IPv6 also supports more-secure name resolution.
    The Secure Neighbour Discovery (SEND) protocol is capable of enabling cryptographic confirmation to confirm the identity of the host at the time of the connection. This renders Address Resolution Protocol (ARP) poisoning and other naming-based attacks more difficult. And, while it isn’t a replacement for application or service-layer verification, it still offers an improved level of trust in connections. With IPv4, it is fairly easy for an attacker to redirect traffic between two legitimate hosts and manipulate the conversation or, at least, observe it.

    (5) IPv6 promises better reliability and security
    As IPSec, a protocol for authenticating and securing all IP data, is built into IPv6 as a default. Though IPv4 also offers IPSec support as an optional feature, it is mandatory in IPv6. IPSec consists of a set of cryptographic protocols designed to provide security in data communications. IPSec has some protocols that are part of its suite: AH (Authentication Header) and ESP (Encapsulating Security Payload). The first provides for authentication and data integrity, the second, in addition to these, also for confidentiality.
    ___________________________
    You can watch all the videos of Cybersecurity Series here:
    Facebook Page : Cybersecurity Prism https://www.facebook.com/cybersec.prism/
    You can connect with me:
    Hear My Podcast: https://anchor.fm/meena-r
    Linkedin Page : Cybersecurity Prism https://www.linkedin.com/company/10117131/
    Facebook Group : Cybersecurity Forever https://www.facebook.com/groups/cybersec.forever/
    ___________________________

    #cloudsecurity #computers #Cyber #cyberattack #Cybersecurity #cybersecurityawareness #cybersecuritythreats #cybersecuritytraining #cyberthreats #datasecurity #EthicalHacking #hacked #Hackers #Hacking #infosec #iot #IT #itsecurity #KaliLinux #linux #malware #networking #pentesting #privacy #ransomeware #security #technology #computersecurity #computerscience #wifi

    Reply
  21. Tomi Engdahl says:

    NSA Publishes Security Guidance for Organizations Transitioning to IPv6
    https://www.securityweek.com/nsa-publishes-security-guidance-organizations-transitioning-ipv6/

    NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

    Reply
  22. Tomi Engdahl says:

    AWS: IPv4 addresses cost too much, so you’re going to pay https://www.theregister.com/2023/07/31/aws_says_ipv4_addresses_cost/

    Cloud giant AWS will start charging customers for public IPv4 addresses from next year, claiming it is forced to do this because of the increasing scarcity of these and to encourage the use of IPv6 instead.

    It is now four years since we officially ran out of IPv4 ranges to allocate, and since then, those wanting a new public IPv4 address have had to rely on address ranges being recovered, either from from organizations that close down or those that return addresses they no longer require as they migrate to IPv6.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*