Beware of IPv6 security goblins, IETF warns

Discussion in 'other security issues & news' started by ronjor, Apr 27, 2012.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    53,600
    Location:
    Texas
    http://arstechnica.com/business/news/2012/04/beware-of-ipv6-security-goblins-ietf-warns.ars
     
  2. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    53,600
    Location:
    Texas
  4. BrandiCandi

    BrandiCandi Guest

    With some firewalls, when you write a rule for IPv4 they will automatically write the identical rule for IPv6. So you may be covered without knowing it. I would imagine that the documentation for your particular firewall would say.

    I haven't started playing with NIDS yet so I don't know, but I wonder if some do the same.
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    1,584
  6. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    That's fine if your firewall actually recognizes IPv6. Many do not. For instance, I am using Tomato which is based on Linux kernel 2.4. Since the 2.4 kernel is now ancient, it does not recognize IPv6 at all. This is not really a security issue since if your router doesn't even recognize IPv6 it wont route it in the first place. However, if you need IPv6 support, you should upgrade Tomato to one of the experimental versions with kernel 2.6 or later.

    I think DD-WRT has been using kernel 2.6+ for a while now, so it should recognize Ipv6 by default.
     
  7. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    Odenton, Maryland
    We said the same thing about ipv4. :D

    There won't be an IPocalypse so to speak. Though the article is right in some regards companies/ISPs typically have a tight grip on the IPv4 side of the network, but less so on IPv6 interfaces, which can introduce dangerous misconfigurations, such as a firewall that has filters set up for IPv4 traffic but accepts all IPv6 traffic. That being said I feel there is a greater awareness of the protocol now in terms of business process owners.

    When ipv6 does become widely publically available at the ISP level, in my opinion most of the risk will be in dual-stack environments where you are hacking the network so to speak allowing ipv6 and ipv4 to run over the same architecture. That and malicious users grabbing blocks of addresses in order to circumvent block lists for spamming or malware exploitation.
     
Thread Status:
Not open for further replies.