IPv6 enabled new significant features to be achieved and overcame many previous vulnerabilities, it has been able to find a definitive solution to the persistent attrition of addresses, achieve the autoconfiguration of addresses, collect the routing paths effectively in the routing tables, and get the ability to connect directly with the network through plug and play mode.
On the other hand, this has caused new weak points that can be exploited to launch various attacks, especially through ICMPv6 (Internet Control Messages Protocol version 6) which is no longer optional as in IPv4, Because it has an essential role to play in each of SLAAC (Stateless Address Autoconfiguration), NDP (Neighbor Discovery Protocol), and DAD (Duplicate Address Detection), which necessitated the development of security techniques, since the full filtering of ICMPv6 messages is no longer available.
In this article, an Intrusion Detection and Prevention System will be tested to process multiple vulnerabilities in IPv6 protocol, where a set of rules and signatures are formed to match varied patterns of attacks, which have been implemented by Python.
Research Journal of Aleppo University.
2018.
Students
Teachers
Graduates
Faculties
