[governance] How to Prevent Cyber War (IPv4 / IPv6 differences?)

John Curran jcurran at arin.net
Wed Feb 3 00:48:08 EST 2010


On Feb 3, 2010, at 1:39 PM, Thomas Lowenhaupt wrote:

> John,
> 
> Having seen your recent contributions on this list relating to IPv6 
> allocations, I'm wondering if you are aware of differences that we might 
> encounter in regard to Cyber War potentials as we move from 4 > 6.
> 
> If you are aware of any, perhaps you, or someone else on the list, might 
> point out any differences.

There are folks in the security field who could better address this,
but I'll outline three major differences which I see as relevant:

1. IPv6 address space is very large, and this does allow a new 
   defense against the traditional scanning done by viruses &
   worms.  By allocating non-sequential/sparse addresses to your
   hosts, viruses are less likely to find other systems on your
   networks.  There's a very nice writeup of this property and
   the caveats that apply in RFC5157.

2. Short-term, the appearance of various gateways between IPv4
   and IPv6 is going to make verifying the other end of a given
   connection rather difficult.  E.g.  Your server was broken
   into, and via exceptional record keeping and forensic skills
   you manage to determine it came from IPv4 address xx.yy.zz.ii.
   When you try and track that down, it turns out to have been
   dynamically assigned by an ISP to one of his new customers
   whose actual connection is over IPv6.  Will that ISP be able
   to determine who had been temporarily assigned xx.yy.zz.ii 
   some number of days back at a certain time of day?  

3. Back to my point about accountability: At present, one of 
   the major reasons that ISPs maintain public records of their
   IP address allocations to customers is that this information 
   is used to determine their actual usage when they apply for 
   an additional IPv4 allocation from their local friendly 
   Regional Internet Registry (RIR).  This happens on a 6 to
   12 month interval for many growing ISPs.  With IPv6 and the
   guidance received from the IETF and the ISP community, the 
   minimum allocation size to ISPs is such that many may never
   come back for an additional allocation and hence the need
   to keep the public records of suballocations accurate may
   be greatly reduced or eliminated altogether.

I hope this helps in your consideration of the topic,
/John
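
Point 1 above, worked as an added example (not part of the original message): it compares a dense and a sparse host numbering plan against a scanner that walks a subnet from its lowest address, and gives the mean time uniformly random probing needs to reach any one host. The documentation prefixes, the host count, the probe rate and all function names are assumptions made for illustration; the caveats RFC 5157 discusses are not modelled.

```python
import ipaddress
import secrets

LOW_RANGE = 0x10000  # assumed cut-off: offsets below this are what a sequential scan reaches first

def allocate_sequential(prefix, count):
    """Dense plan: hosts numbered prefix::1, prefix::2, ... in order."""
    net = ipaddress.IPv6Network(prefix)
    return [net[i] for i in range(1, count + 1)]

def allocate_sparse(prefix, count):
    """Sparse plan: every host gets a distinct random interface ID in the subnet."""
    net = ipaddress.IPv6Network(prefix)
    host_bits = net.max_prefixlen - net.prefixlen
    offsets = set()
    while len(offsets) < count:
        offset = secrets.randbits(host_bits)
        if offset >= LOW_RANGE:  # keep hosts out of the low, easily walked range
            offsets.add(offset)
    return sorted(net[o] for o in offsets)

def found_by_sequential_scan(hosts, prefix, probe_budget):
    """Hosts reached by probing the first probe_budget addresses of the subnet."""
    base = int(ipaddress.ip_network(prefix).network_address)
    return [h for h in hosts if int(h) - base < probe_budget]

def expected_days_to_first_hit(prefix, host_count, probes_per_second):
    """Mean time for random probing (no address tried twice) to hit any one host.

    With N addresses and n hosts the expected number of probes is (N+1)/(n+1).
    Accepts IPv4 or IPv6 prefixes so the two can be compared.
    """
    size = ipaddress.ip_network(prefix).num_addresses
    expected_probes = (size + 1) / (host_count + 1)
    return expected_probes / probes_per_second / 86400

if __name__ == "__main__":
    v6_subnet = "2001:db8:0:1::/64"  # constructed: IPv6 documentation prefix
    v4_subnet = "192.0.2.0/24"       # constructed: IPv4 documentation prefix
    hosts, budget, rate = 100, LOW_RANGE, 1_000_000
    dense = allocate_sequential(v6_subnet, hosts)
    sparse = allocate_sparse(v6_subnet, hosts)
    print("dense plan, hosts found :", len(found_by_sequential_scan(dense, v6_subnet, budget)))
    print("sparse plan, hosts found:", len(found_by_sequential_scan(sparse, v6_subnet, budget)))
    print("IPv4 /24, days to first hit:", expected_days_to_first_hit(v4_subnet, hosts, rate))
    print("IPv6 /64, days to first hit:", expected_days_to_first_hit(v6_subnet, hosts, rate))
```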


