Abstract
IPv6, the latest revision of the Internet Protocol, is intended to replace IPv4, which still carries the vast majority of Internet traffic as of 2013. The advent of IPv6 changes not only the network components, but also the security field shifts. We see new types of attacks or at least variations of the attacks we know from IPv4. Although IPv6 was designed with the aim of superseding its ancestors; it is defected in its ability to provide security to its users, anonymity being one such issue. Anonymity is preferred by internet users, and in IPv4, this has been achieved to some extent using NAT. However in IPv6, the protocol reintroduces a transparent end-to-end connectivity, thus eliminating masquerading feature that was previously obtained via NAT. The documented methods of mapping MAC and IPv6 addresses also exposes the users to be easily identified. The preference of anonymity would have to trade off with the performance. This brings the issue of challenges in preserving anonymity in IPv6. This article provides an overview of the IPv6 security vulnerabilities that arise with the launch of IPv6 and a possible solution to overcome the problem with anonymity. We propose the use of a “default deny” policy in firewall that forbids any request not explicitly mentioned by the user.