2020
ft6: Firewalltester for IPv6
2019
Snort3 IPv6 Plugin
IDSv6 Benchmark: Pcap Suite for IPv6
2015
Hyhoneydv6: A hybrid Honeypot Architecture for IPv6 Networks
ad6: Anomaly Detection for Distributed IPv6 Firewalls
2013
Honeydv6: A low-interaction IPv6 honeypot
2011
IPv6 Intrusion Detection System
Cooperation with the Beuth University of Applied Sciences, the EANTC AG and the Strato AG
2008
Migration of MPICH-2 and OpenMPI to IPv6
Cooperation with the University Jena
Distributed Run between University Potsdam and
University Jena
at IPv6 Summit
The LIDAR-tool calculates microphysical parameters of particles in the atmosphere from LIDAR-measurements.
It was developed in cooperation with the Institute of Mathematics. Using MPI-2/IPv6.
2005
High-Performance Computing on top of IPv6: MPICH1/IPv6a
2004
Loaded: IPv6 Server Load Balancer Presentation at CeBIT 2004
2002
IPv6 Showcase
Prof. Kalkbrenner, Prof. Rebensburg, Prof. Schnor
Hyhoneydv6 was designed to efficiently allow the deployment of high-interaction honeypots in IPv6 networks. The hybrid framework includes a combination of low- and virtual machine-based high-interaction honeypots. Low-interaction honeypots in the Hyhoneydv6 architecture process network scans and attacks to less complex network services. High-interaction honeypots focus on the processing of attacks to complex and proprietary network services. The Hyhoneydv6 architecture includes a newly developed proxy mechanism which allows to transparently forward attackers from low- to high-interaction honeypots.
Hyhoneydv6: A hybrid Honeypot Architecture for IPv6 Networks
Sven Schindler, Bettina Schnor and Thomas Scheffler
International Journal of Intelligent Computing Research (IJICR)
December 2015
Taming the IPv6 Address Space with Hyhoneydv6
Sven Schindler, Bettina Schnor and Thomas Scheffler
World Congress on Internet Security (WorldCIS)
Dublin, Ireland, October 2015
Concerning the design of a security architecture, Firewalls play a central role to secure computer networks. Facing the migration of IPv4 to IPv6, the setup of capable firewalls and network infrastructures will be necessary. The semantic differences between IPv4 and IPv6 make misconfigurations possible that may cause a lower performance or even security problems. For example, a cycle in a firewall configuration allows an attacker to craft network packets that may result in a Denial of Service. This paper investigates model checking techniques for automated policy anomaly detection. It shows that with a few adoptions existing approaches can be extended to support the IPv6 protocol with its specialities like the tremendously larger address space or extension headers. The performance is evaluated empirically by measurements with our prototype implementation.
Anomaly Detection for Distributed IPv6 Firewalls
Claas Lorenz and Bettina Schnor
12th International Conference on Security and Cryptography (SECRYPT)
Colmar, France, July 2015
Honeydv6 is a low-interaction honeypot which is able to simulate entire IPv6 networks to efficiently observe i network scan approaches and assaults. It extends the well-known low-interaction honeypot solution Honeyd with a custom IPv6 stack and a new dynamic honeypot instantiation mechanism. The utilisation of a custom network stack implementation allows Honeydv6 to simulate multiple hosts with different IPv6 addresses on a single host and to observe even low-level IPv6 attacks, such as assaults to the IPv6 fragmentation mechanism. The dynamic instantiation mechanism spawns new low-interaction honeypots on-demand based on attackers' destinations. This approach allows Honeydv6 to cover large IPv6 address spaces and to respond to attacks that target arbitrary IPv6 address ranges.
IPv6 network attack detection with Honeydv6
Sven Schindler, Bettina Schnor, Simon Kiertscher, Thomas Scheffler and Eldad Zack
Communications in Computer and Information Science (CCIS), ISBN: 978-3-662-44787-1
Springer Press, August 2014
Honeydv6: A low-interaction IPv6 honeypot
Sven Schindler, Bettina Schnor, Simon Kiertscher, Thomas Scheffler and Eldad Zack
10th International Conference on Security and Cryptography (SECRYPT)
Reykjavìk, Iceland, July 2013
Web traffic is currently one of the most important applications in the Internet. The increasing popularity of dynamically generated content on the World Wide Web, has created the need for fast web servers. Server clustering together with server load balancing has emerged as a promising technique to build scalable web servers. We developed and evaluated Loaded, a userspace server load balancer for IPv4 and IPv6 based on Linux.
Loaded was presented at the CeBIT 2004.
Problem: private cluster addresses
The Message Passing Interface (MPI) is a standard specification for message-passing libraries. It is the most widely used message passing library for parallel applications on compute clusters. It has become a de facto standard for high-performance parallel applications and is supported on a wide range of architectures, starting from clusters of PCs up to shared memory and vector machines. Various groups from industry and academia are working on MPI implementations. Several freely available implementations exist and, further, so called vendor MPI implementations exist, which are tuned for special hardware. We investigated how MPI can be implemented easily on top of an IPv6 network.
But why is there a need to enable these new MPI-2 implementations to support IPv6? The motivation is given by the Grid computing trend where several different compute sites are used to run parallel applications. For example, a user may want to run his applications distributed over different medium sized compute clusters within a university campus. The typical situation then is that the nodes within a cluster have private IP addresses, which makes inter-cluster communication impossible.
We propose to make use of IPv6 because the available solutions for IPv4 impose some performance penalties. Virtual private networks (VPN) require a lot of administration efforts. Special purpose deamons on the head node of each cluster (like PACX) have to handle the communication of all compute nodes of its cluster.
In cooperation with the University Jena, we developed IPv6 enabled MPI versions for the both most popular implementations: MPICH2 and OpenMPI. Measurements of the implementations show that both MPI/IPv6 implementations have similar performance compared to their IPv4 versions.
Prof. Kalkbrenner, Prof. Rebensburg, Prof Schnor
The Institute of Informatics at the University of Potsdam initiated together with T-Systems and other partners from industry and research the project "IPv6 Showcase" in 2002. The goal was to evaluate whether IPv6 was already in a status where it could be used in practice. The appointed IPv6 lab at the institute allowed measurements of performance and conformity. The project identified problems with the deployment of IPv6 and has developed various solutions. Moreover, the project has been providing various implementations of IPv6-based applications.
