摘要
The IPv4 protocol suite is vulnerable to a variety of attacks. IPv6 security is in many ways the same as IPv4 security, the basic mechanisms for transporting packets across the network stay mostly unchanged, and the upper-layer protocols that transport the actual application data are mostly unaffected. This paper illustrates sniffing threat against IPv4 and then compares how the threat might influence an IPv6 networks. This is prefaced by a brief overview of current practices around the design of an IPv4 Internet edge network and then followed by a review of how that IPv4 edge network needs to evolve in order to secure the addition of IPv6. As IPv6 security is a large and complex subject, and also, IPv6 network is still at the very beginning stage and has not been fully examined in fact, this paper focus on the security requirements of medium edge networks.
The IPv4 protocol suite is vulnerable to a variety of attacks. IPv6 security is in many ways the same as IPv4 security, the basic mechanisms for transporting packets across the network stay mostly unchanged, and the upper-layer protocols that transport the actual application data are mostly unaffected. This paper illustrates sniffing threat against IPv4 and then compares how the threat might influence an IPv6 networks. This is prefaced by a brief overview of current practices around the design of an IPv4 Internet edge network and then followed by a review of how that IPv4 edge network needs to evolve in order to secure the addition of IPv6. As IPv6 security is a large and complex subject, and also, IPv6 network is still at the very beginning stage and has not been fully examined in fact, this paper focus on the security requirements of medium edge networks.
基金
Supported by the China Next GernerationInternetProgram(CNGI-04-6-2T)
