Návrh systému pro testování zabezpečení sítě IPv6 a zpracování incidentů v prostoru privátních adres

Design of a system for testing security in IPv6 networks and processing incidents containing private addresses

contract

IPv6, security, NetFlow, NAT

IPv6 protocol is deployed in most cases together with network address translation
technique (NAT). The combination of IPv6 deployment and NAT introduces several
issues for network administrators. Firstly, the network administrator must ensure
the same level of security both for IPv6 and IPv4 networks. Secondly, NAT raises
an issue with trackig security incidents because it is necessary to correctly
bind global and private IPv4 addresses. The project aims to solve these issues.
Active networking probe will be developed to test the protection of IPv6 network
against known vulnerabilities. Information about binding between global and
private IPv4 addresses will be solved by developing a plugin for current NetFlow
probes. The plugin will export all necessary information about network
translation thus allowing network administrator to trace back a security
incident. The outcomes of the project will help to test the security of IPv6
network and provides all information to easily trace back a security incident
even in network with private IPv4 addresses.

Grégr Matěj, Ing., Ph.D. (DIFS) – research leader
Korček Pavol, Ing., Ph.D. (DCSY)