2-DAY TRAINING 5: Pentesting and Securing IPv6 Networks


CAPACITY: 20 pax


PRICE: EUR1499 (early bird)

EUR1999 (normal)

Early bird registration rate ends on the 14th of February



This training explains the IPv6 issues, concentrating on the security vulnerabilities inherent in the protocol as well as configuration issues and implementation problems. All so far known vulnerabilities are presented and students will be able to try them out hands-on themselves with supplied tools on the test network.

Then – switching sides – it is explained how to secure IPv6 systems (Windows, Linux, routers, firewalls) and especially large networks including routing and how to solve the difficult firewalling questions which arise with IPv6. Features like SEND, new DHCP6 developments and tunnels etc. are included.

After the training you have learned how to test your own systems and networks for IPv6 security issues and how to secure them.

Learn directly from one of the main IPv6 security researcher and author of the thc-ipv6 toolkit.


Day 1

  • Introduction to IPv6 (the mindset behind IPv6, how does it work, what is different to IPv4, new features)
  • Vulnerabilities in IPv6 (inherent risks in IPv6, problems in ICMPv6, mobile IPv6
  • How to pentest IPv6 networks from remote
  • How to pentest IPv6 networks locally
  • Vulnerabilities with tunnel and migration issues (e.g. 6to4, Teredo,ISATAP), configuation issues, implementation problems)
  • Includes lots of hands-on time (scanning local and remote networks, performing various man-in-the-middle attacks based on ICMP6, attacking
    dual stack systems, etc.)

Day 2

  • continue of day 1
  • Securing IPv6 in systems (Windows, Solaris, Linux and Cisco configuration options)
  • Firewalling and filtering IPv6 networks (IPv6 capable firewalls, filter rules recommendation, vendor specific firewall issues)
  • Multiast and routing in IPv6 networks IPSEC in IPv6
  • Securely migrating to IPv6
  • DNS and IPv6

Student Requirements

Trainees must have at least basic knowledge in Linux, TCP/IP and IT security – the more the better.

What to Bring

Trainees must bring a Laptop with Linux (Kali recommended) installed, either native or in Virtual Machine. Ethernet adapter required.

Location: NH Krasnapolsky Date: May 24, 2016 Time: 9:00 am - 6:00 pm Marc Heuse