• Title/Summary/Keyword: IPv4

Search Result 421, Processing Time 0.025 seconds

A 4to6 DSTM Architecture Supporting Transparent Connections from IPv4 Hosts to IPv6 Hosts in Integrated IPv6/IPv4 Networks (IPv6/IPv4 통합망에서 IPv4 호스트로부터 IPv6 호스트로의 투명한 연결을 지원하는 4to6 DSTM 구조)

  • Park Eun-yong;Lee Jae-hwoon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.30 no.5B
    • /
    • pp.287-294
    • /
    • 2005
  • It is impossible to replace overnight the present Internet Protocol Version 4(IPv4)-based Internet with Internet Protocol Version 6(IPv6). These two protocols are expected to coexist for a number of years during the transition period. A number of transition mechanisms are proposed by Internet Engineering Task Force(IETF) Next Generation Transition Working Group(Ngtrans WG). However, most of them provide only the mechanism to initiate sessions from hosts within the IPv6 network to those within the IPv4 network, but do not support the initiation from IPv4 hosts to IPv6 ones. In this paper, we propose the IPv4-to-IPv6 Dual Stack Transition Mechanism(4to6 DSTM) which can operate even in the case that IPv4 clients in the IPv4 network initiate connections with dual stack servers in the IPv6 network.

Design of IPv4/IPv6 Converter with Security Prediction Capability (보안 예측기능이 있는 IPv4/IPv6 변환기 설계)

  • Jang Sung-Man;Kil Min-Wook;Lee Geuk
    • Journal of Digital Contents Society
    • /
    • v.3 no.2
    • /
    • pp.163-176
    • /
    • 2002
  • It is necessary to change internet protect from version 4 (IPv4) to version 6 (IPv6). A converter from IPv4 to IPv6 is working in a laboratory not in practice. In this paper, we review internet protocol versions (IPv6) and design IPv4 to IPv6 converter. The IPv4 to IPv6 converter also has security prediction capability so as to deal with security problem when IPv4 packet is converted to IPv6 packet.

  • PDF

IPv6 over IPv4 tunneling compatible with IPv4 Firewalls (IPv4 방화벽에 호환성을 갖는 IPv6 터널링)

  • Lee, Jung-Nam;Jang, Ju-Wook
    • The KIPS Transactions:PartC
    • /
    • v.10C no.4
    • /
    • pp.519-524
    • /
    • 2003
  • During the period of co-existence of IPv4 and IPv6, Ipv6 over IPv4 tunneling technique is intended as a start-up transition mechanism. However, most of IPv4 firewalls do not support the IPv6 over IPv4 tunneling packet filtering. Finally, it is impossible that a user inside IPv4 firewall connects with an IPv6 host across IPv4 network. Without any additional hardware or changing the policy of IPv4 firewall, we solve this problem using proposed Double-encapsulation and applied-HTTP tunneling technique that are end-to-end solutions. This enables cheaper IPv6 migration solutions.

A Mobility Header Conversion Mechanism for Mobile IPv4 and Mobile IPv6 Communications (Mobile IPv4/Mobile IPv6 통신을 위한 모바일 헤더 변환 메커니즘)

  • Kim, Dae-Sun;Hong, Choong-Seon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.32 no.1B
    • /
    • pp.61-70
    • /
    • 2007
  • An interworking translator for IPv6 and IPv4 services can be defined as an intermediate component between a native IPv4 host and a native IPv6 host to enable direct communication between them without requiring any modifications to the hosts. But if the host is a mobile node, triangle routing problem occurs, since Mobile IPv4 allows mobile node to roam transparently in my network. In this situation, mobile node must notify transfer information to its own home agent and correspondent node in IPv6 network. But current NAT-PT does not permit mobility header translation. Therefore, NAT-PT does not support efficient communication between Mobile IPv4 and Mobile IPv6. In this paper, we propose a mobility header conversion mechanism to resolve the triangle routing problem between Mobile IPv4 and Mobile IPv6.

Design and Implementaion of IPv4/IPv6 Translation Protocol (IPv4/IPv6 변환 프로토콜의 설계 및 구현)

  • Park, Seok-Cheon;Lee, Gwang-Bae
    • The KIPS Transactions:PartC
    • /
    • v.8C no.6
    • /
    • pp.783-792
    • /
    • 2001
  • It is well known that, in the near future, the lifetime of the IPv4 address space will be limited and available 32-bit IP network addresses will not be left any more. In order to solve such IPv4 address space problem in an effective way, the transition to the new version using IPv6 architecture is inevitably required. At present, it is impossible to convert IPv4 into IPv6 at a time, since the coverage and the size of today's Internet is too huge. Therefore, the coexistence of both IPv4 and IPv6 must be arranged in a special and practical fashion for rapid conversion on the whole. IP protocol translation has been proposed to ease the translation of the Internet from IPv4 to IPv6. This paper presents the design and implementation of a transparent transition service that translates packet header as they cross between IPv4 and IPv6 networks. IPv4/IPv6 Translation Protocol is written in c source code and is tested by the local test recommended by ISO, which has the most excellent error detection function. The test was processed with a test scenario and it was found that the results were successful.

  • PDF

Analysis for Security Vulnerabilities on DSTM Tunneling (DSTM 터널링 보안 취약점 분석)

  • Cho, Hyug-Hyun;Kim, Jeong-Wook;Noh, Bong-Nam
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.2 no.4
    • /
    • pp.215-221
    • /
    • 2007
  • IPv6 is a protocol to solve the address space limitation of IPv4 by IETF. Many transition mechanism to communicate between IPv4 and IPv6 in mixed IPv4/IPv6 network are proposed. DSTM tunneling is a mechanism that dual stack in IPv6 network is able to communicate with node in IPv4 network by dynamic allocating the IPv4 address. This mechanism supports the execution of IPv4 dependent application without modification at IPv6 network. In this paper, we explain the security vulnerability at DSTM network for DHCP attack, TEP attack, and source spoofing attack then describe the result of attacks.

  • PDF

A Implementation Method of mixed IPv4/IPv6 Network for Testing Security Vulnerability (보안취약점 테스트를 위한 IPv4/IPv6 혼재 네트워크 구축 방법)

  • Kim Jeong-Wook;Mun Gil-Jong;Kim Yong-Min;Noh Bong-Nam
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2006.06a
    • /
    • pp.477-480
    • /
    • 2006
  • IPv6는 IPv4의 주소 부족을 해결하기 위해 1998년 IETF에서 표준화된 프로토콜이다. 현재 IPv4가 수축으로 되어 있는 인터넷을 동시에 IPv6로 전환하는 것은 불가능하므로 IPv4/IPv6 혼재네트워크를 거쳐 IPv6 순수 망으로 전환될 것이다. 본 논문에서는 혼재네트워크에서 IPv4 망과 IPv6 망간의 통신을 가능하게 해주는 IPv6 전환 메커니즘 중 터널링 방식에 대해 기술하고, 보안 취약성을 테스트하기 위해 동일한 보안 취약성에 대해 각각 IPv4 패킷, IPv6 패킷, 터널링된 패킷을 캡쳐할 수 있는 구축방안을 제안한다. 제안된 방식은 IPv4, IPv6, 터널링 패킷에 대한 분석이 가능하므로 IPv6 지원을 계획하는 침입탐지, 침입차단 시스템에 활용이 가능하다.

  • PDF

A Security Vulnerability in IPv6 Native Network and Mixed IPv4/IPv6 Network (IPv6 순수망과 IPv4/IPv6 혼재망의 보안 취약점)

  • Yi Young-Soo;Park Nam-Youl;Kim Yong-Min;Noh Bong-Nam
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2006.06a
    • /
    • pp.340-343
    • /
    • 2006
  • IPv6는 차세대 네트워크를 구축하기 위한 가장 핵심적인 기술로써, 풍부한 주소공간과 이동성 지원, 보안기능 강화 등 IPv4에 비해 많은 이점을 지니고 있다. 또한 IPv4의 주소 고갈 문제를 해결하기 위해 IPv6로의 전환이 당연시 되고 있으나 IPv4/IPv6 혼재망이 과도기적인 입장에서 대안이 될 수 있다. 그러나 IPv4/IPv6 혼재망과 IPv6망은 IPv4에서와 마찬가지로 프로토콜 기능상의 많은 문제점을 안고 있다. 본 논문에서는 IPv6망 및 IPv4/IPv6 혼재 네트워크상에서의 보안 취약점과 실험 결과를 기술하였다.

  • PDF

IPSec in co-existence of IPv4 and IPv6 (IPv4와 IPv6가 혼재하는 상황에서의 IPSec)

  • Kang Jimyung;Jeong Jiwoong;Kim Chong-kwon;Shin Seong-Jun;Ahn Joung-Chul
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2005.11a
    • /
    • pp.466-468
    • /
    • 2005
  • 현재 사용되는 인터넷은 IPv4를 기반으로 하고 있다. 그러나 IPv4 주소의 부족을 예상하면서 128bit의 주소를 사용하는 IPv6이 제안되었다. IPv6로 네트워크가 이동해 가기 위해서는 IPv4와 IPv6이 공존하는 과도기적 상황을 필수적으로 겪어야 한다. 즉 IPv6과 IPv4와의 통신이 가능해져야지만, IPv6의 도래가 가능할 것이다. 이러한 상황을 고려한 통신 방안들이 1ETF에서 제안되었다. 하지만 이러한 방안들은 네트워크의 보안이 거의 고려되지 못하였다. 본 논문에서는 IPv4와 IPv6이 공존하는 상황에서 차세대 보안 기술의 선두격인 IPSec을 사용할 때 발생할 수 있는 보안 문제들에 대해 분석하고, 이러한 네트워크 보안을 고려한 IPv4와 IPv6의 통신 프레임 워크를 제시한다.

  • PDF

An Improvement of Packet Filtering Functions for Tunneling Based IPv4/IPv6 Transition Mechanisms (터널링 기반 IPv4/IPv6 전이 기법을 위한 패킷 필터링 기능 개선)

  • Lee, Wan-Jik;Heo, Seok-Yeol;Lee, Won-Yeoul;Shin, Bum-Joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.6
    • /
    • pp.77-87
    • /
    • 2007
  • It will need a quite long time to replace IPv4 protocol, which currently used, with IPv6 protocol completely, thus we will use both IPv4 and IPv6 together in the Internet during the period. For coexisting protocols, IETF standardized various IPv4/IPv6 transition mechanisms. However, new security problems of IPsec adaptation and IPv6 packet filtering can be raised by tunneling mechanism which mainly used in transition mechanisms. To resolve these problems, we suggested two improved schemes for packet filtering functions, which consists of an inner header filtering scheme and a dedicated filtering scheme for IPv4/IPv6 transition mechanisms. Also we implemented our proposed schemes based on Linux Netfilter framework, and we tested their filtering functions and evaluated experimental performance of our implementation on IPv4/IPv6 transition testbed. These evaluation tests indicated that our improved packet filtering functions can solve packet filtering problems of IPv4/IPv6 transition mechanisms without severely affecting system performance.