What's your company doing to prepare for IPv6? Probably not an awful lot. While 10% of the world's top websites now offer IPv6 services, most companies haven't formulated an IPv6 strategy for the network. However, the issue is that most devices you have rolled out in the past 5 years have been IPv6-ready, if not IPv6-enabled. Windows 7 and Windows Server 2008 actually use IPv6 link-local addresses by default. Also think about all the other clients, servers, appliances, routers, and mobile devices you've added to your network in recent years. If you’re honest, how do you know that your network is not vulnerable to IPv6 attacks right now?
That's why even if you haven't set up an IPv6 network internally yet, you should test for IPv6 vulnerabilities. Here are some common security issues that you may find:
Metasploit can now conduct penetration tests on IPv6 networks to uncover these security issues, enabling you to find these issues:
The new IPv6 support is now available in all current editions of Metasploit - download your latest copy now. Security researchers working on IPv6 vulnerabilities can now submit a Metasploit exploit or auxiliary module for use by the security community through Github.
If you're interested in more in-depth information, HD Moore is offering a free training on IPv6 security on March 28. Register now to get it on your calendar!