[ISN] Look Before You Leap into IPv6 with Teredo

From: InfoSec News (alerts@private)
Date: Wed Dec 06 2006 - 22:12:42 PST


Forwarded from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com>

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

LinkScanner Pro - Stop zero-day Internet attacks 
   http://list.windowsitpro.com/t?ctl=42788:7EB890

Free Whitepaper Kit: Top 10 Patch Management Tips
   http://list.windowsitpro.com/t?ctl=427A0:7EB890

Clean Up Your Company's Email Act: Using Filters to Block Threats
   http://list.windowsitpro.com/t?ctl=42785:7EB890


=== CONTENTS ===================================================

IN FOCUS: Look Before You Leap into IPv6 with Teredo

NEWS AND FEATURES
   - Loosened Copyright Restrictions Aid Security Researchers
   - Exploit Prevention Labs LinkScanner Takes Aim at McAfee 
SiteAdvisor
   - The Paros Proxy Server
   - Recent Security Vulnerabilities

GIVE AND TAKE
   - Know Your IT Security Contest--Last Week to Enter
   - Security Matters Blog: EU Wants a Crackdown on Spam
   - FAQ: Security Assessment Tool
   - From the Forum: Forgotten Password on HP Laptop
   - Microsoft Learning Paths for Security: A More Secure Platform 
Through Identity and Access Management

PRODUCTS
   - Speedy Antispyware Scanning in Vista
   - Wanted: Your Reviews of Products 

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== SPONSOR: ByteCrusher =======================================

LinkScanner Pro - Stop zero-day Internet attacks
   LinkScanner Pro complements existing security products like a 
firewall or anti-virus by providing effective zero-day protection 
against web threats. Firewalls don't see these new threats because they 
use trusted browser connections. Anti-virus and anti-spyware programs 
only detect them after the damage has been done to the computer. 
LinkScanner provides real-time analysis of network traffic, web site 
content and behavior to protect users from a wide-range of online 
threats including malicious content, phishing, social engineering and 
targeted software exploits. Unlike products that use out-dated 
databases and questionable user feedback, LinkScanner's protection and 
site ratings are based on a current inspection of the web site and the 
data stream entering your computer. With LinkScanner, web surfing just 
became a whole lot safer. 
   http://list.windowsitpro.com/t?ctl=42788:7EB890


=== IN FOCUS: Look Before You Leap into IPv6 with Teredo =======
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

We're told that the future of the Internet revolves around the IPv6 
protocol. Meanwhile, the majority of computers on the Internet still 
use IPv4. The two protocols are different enough that key software 
packages that are designed for IPv4 are unable to properly handle IPv6 
traffic. This is of course one of the major hurdles for IPv6 adoption. 

To help with this problem, Microsoft developed the open Teredo 
protocol, which tunnels IPv6 traffic over IPv4 networks when IPv6 
clients are behind some sort of Network Address Translation (NAT) 
device that doesn't understand IPv6. If you're interested in the 
technical specifications for Teredo, you can read RFC 4380, "Teredo: 
Tunneling IPv6 over UDP through Network Address Translations (NATs)," 
at the URL below. 
   http://list.windowsitpro.com/t?ctl=4279B:7EB890

Because Teredo is an open specification, Teredo software packages are 
available for a variety of platforms, including Mac OS X, Linux, BSD, 
and Sun Microsystems Solaris. One such package is Miredo, at the URL 
below. 
   http://list.windowsitpro.com/t?ctl=4279F:7EB890

For Windows, Teredo first appeared in service packs for Windows XP and 
Windows Server 2003. It's also a standard part of Windows Vista and 
will be a standard part of Longhorn when it's released. Teredo is a 
decent idea, however you should understand some security implications 
before you jump into using the technology. 

Last week, Symantec published a white paper titled "The Teredo 
Protocol: Tunneling Past Network Security and Other Security 
Implications," written by Dr. James Hoagland, principal security 
researcher with Symantec Advanced Threat Research. The white paper 
presents an examination of real and potential security problems. For 
example, Hoagland explains how worms that use network layer 3 or 4 
could use Teredo to escape a contained IPv6 network and reach remote 
IPv6 networks. You recall that the Slammer worm was able to propagate 
itself by using only one UDP packet. 

Hoagland also writes that security devices such as intrusion detection 
and prevention systems (IDSs/IPSs) that are designed for IPv4 don't 
understand IPv6 traffic. Thus, the IPv4 devices can't enforce adequate 
security controls on IPv6 traffic encapsulated in IPv4 packets.

Another problem is that Teredo might allow unwanted traffic into the 
IPv6 or IPv4 network. Other potential security problems relate to the 
possibility of creating a Denial of Service (DoS) condition in both 
Teredo clients and servers and the ability for remote systems to 
traverse the NAT in ways that are probably undesirable. 

If you're interested in using Teredo, by all means download a copy of 
Symantec's white paper (at the URL below) and read it over carefully. 
It might save you many headaches and answer a lot of questions before 
they even arise as a result of oddities in your network.
   http://list.windowsitpro.com/t?ctl=42789:7EB890

Keep in mind that the white paper discusses Teredo in general and is 
based on the associated RFC. Hoagland said that Symantec intends to 
look specifically at Teredo in Windows Vista sometime in the future. So 
keep an eye out for that white paper to become available. 

===

You still have one week (through December 13) to send us your security 
tips or stories and win a Zune media player. Email your contributions 
to tipswinitsec@private To find out more about the Know Your 
IT Security contest, go to
   http://list.windowsitpro.com/t?ctl=42793:7EB890


=== SPONSOR: PatchLink =========================================

Free Whitepaper Kit: Top 10 Patch Management Tips
   Stop the endless streams of security patches. Accurately "assess, 
deploy and track" software patches across Multiple OSs. FREE Whitepaper 
distills the top 10 requirements for selecting an effective patch 
management solution. Plus test drive the #1 Patch Management Solution. 
FREE 30-Day Trial.
   http://list.windowsitpro.com/t?ctl=427A0:7EB890


=== SECURITY NEWS AND FEATURES =================================

Loosened Copyright Restrictions Aid Security Researchers
   A new exemption to the Digital Millennium Copyright Act (DMCA) lets 
researchers circumvent copyright protection systems on digital media, 
such as CD-ROMs, to test the security of those protection systems.
   http://list.windowsitpro.com/t?ctl=4278F:7EB890

Exploit Prevention Labs LinkScanner Takes Aim at McAfee SiteAdvisor
   Both companies now have free and paid products that are designed to 
protect users from malicious content.
   http://list.windowsitpro.com/t?ctl=42794:7EB890

The Paros Proxy Server
   Proxy server Paros, a freeware Java application, helps you find your 
Web site's vulnerabilities and improve its security.
   http://list.windowsitpro.com/t?ctl=42792:7EB890

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at
   http://list.windowsitpro.com/t?ctl=42787:7EB890


=== SPONSOR: St. Bernard Software ==============================

Clean Up Your Company's Email Act: Using Filters to Block Threats
   Do you want to block unwanted or undesirable email? Download this 
free whitepaper to learn how to manage the content of information 
crossing your network.   
   http://list.windowsitpro.com/t?ctl=42785:7EB890


=== GIVE AND TAKE ==============================================

KNOW YOUR IT SECURITY Contest--LAST WEEK TO ENTER
   Share your security-related tips, comments, or solutions in 1000 
words or less, and you could be one of 13 lucky winners of a Zune media 
player. Tell us how you do patch management, share a security script, 
or write about a security article you've read or a Webcast you've 
viewed. Submit your entry between now and December 13. We'll select the 
13 best entries, and the winners will receive a Zune media player. 
Email your contributions to tipswinitsec@private
   Prizes are courtesy of Microsoft Learning Paths for Security: 
   http://list.windowsitpro.com/t?ctl=42795:7EB890

SECURITY MATTERS BLOG: EU Wants a Crackdown on Spam
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=4279A:7EB890

Spam is on the rise in Europe, and a crackdown is bound to ensue 
directly. The European Commission (EC) said that as much as 80 percent 
of all email in Europe is unsolicited. Read more about this issue and 
learn how one country has significantly reduced its spam problem. 
   http://list.windowsitpro.com/t?ctl=42790:7EB890

FAQ: Security Assessment Tool
   by John Savill, http://list.windowsitpro.com/t?ctl=42797:7EB890 

Q: How can I perform a high-level security assessment of my company's 
computing environment? 

Find the answer at
   http://list.windowsitpro.com/t?ctl=42791:7EB890

FROM THE FORUM: Forgotten Password on HP Laptop
   A forum participant writes that a user set a power-on password on an 
HP NX6110 notebook computer and can't remember the password, so the 
computer can't be booted. Does anyone knows of a way to reset the 
password without sending the computer back to HP? 
   http://list.windowsitpro.com/t?ctl=42782:7EB890

MICROSOFT LEARNING PATHS FOR SECURITY: Deploying Microsoft Identity and 
Access Management Technologies
   Effective identity and access management is critical to information 
security and is one of the key components of the Core Infrastructure 
Optimization (IO). Use these resources at the Microsoft Learning Paths 
for Security Web site to learn more about the interdependent 
technologies and processes of deploying identity and access management 
solutions, including directory services, identity life-cycle 
management, access management, and more.
   http://list.windowsitpro.com/t?ctl=42795:7EB890


=== PRODUCTS ===================================================
   by Renee Munshi, products@private

Speedy Antispyware Scanning in Vista
   Max Secure Software announced Max Spyware Detector 2.0 for Windows 
Vista and described it as "the world's fastest antispyware software." 
Max Spyware Detector incorporates Max Secure Software's SmartScan 
technology, which uses a proprietary scanning algorithm that reduces 
scan time by up to 20 minutes on repetitive spyware scans. Max Spyware 
Detector will be free until March 2007. After that, Max Spyware 
Detector 2.0 will cost $29.95 for a one-year subscription. For more 
information, go to 
   http://list.windowsitpro.com/t?ctl=42798:7EB890

WANTED: your reviews of products you've tested and used in 
production. Send your experiences and ratings of products to 
whatshot@private and get a Best Buy gift certificate.


=== RESOURCES AND EVENTS =======================================
   For more security-related resources, visit
   http://list.windowsitpro.com/t?ctl=42796:7EB890

Your business, like most today, relies upon its computing systems to 
store financial information, house proprietary data, and maintain 
communications channels. This increasing reliance also increases the 
dangers to your systems from security breaches, including viruses, 
spyware, spam, and hackers. Visit the Windows Protection Site at
http://list.windowsitpro.com/t?ctl=4279C:7EB890 for the latest tips on 
safeguarding your system.

If you're not prepared for the next time spyware attacks your network, 
your business's financial health and reputation could be on the line. 
You can't afford to lose proprietary customer information--or your own 
trade secrets. Register today for this free Web seminar, and learn 
about emerging threats in the spyware landscape, including a discussion 
of rootkits, keyloggers, and other forms of malware.  
   http://list.windowsitpro.com/t?ctl=42784:7EB890

Are you an Oracle professional who has cross-platform responsibilities, 
or do you need to transfer your skill set to SQL Server? If so, 
register for free to attend the Cross Platform Data online event 
January 30 and 31 and February 1, 2007. In a seminar featuring SQL 
Server/Oracle experts Andrew Sisson from Scalability Experts and 
Douglas McDowell from Solid Quality Learning, you'll learn key concepts 
about SQL Server 2005, including how to deploy SQL Server's BI 
capabilities on Oracle, proof points demonstrating that SQL Server is 
enterprise-ready, and how to successfully deploy Oracle on the Windows 
platform.  
   http://list.windowsitpro.com/t?ctl=4278E:7EB890

Are you who you say you are? Really? Even on Linux? Really? If you're 
like most IT professionals, this type of identity crisis is a plague. 
Virtual TechX World--available December 14--makes your life (and the 
lives of your users) easier by equipping you with the latest 
interoperability insights and technology. Slots are filling quickly--
register today! 
   http://list.windowsitpro.com/t?ctl=4278D:7EB890

Does your company have US $500,000 to spend on one email discovery 
request? Join us for this free Web seminar to learn how you can 
implement an email archiving solution to optimize email management and 
proactively take control of e-discovery--and save the IT search party 
for when you really need it! On-Demand Web Seminar 
   http://list.windowsitpro.com/t?ctl=42783:7EB890


=== FEATURED WHITE PAPER =======================================

Securing multiple domains or host names? Learn how the Starter PKI 
program can save time and reduce costs, and provide you with a multiple 
digital certificate account. 
   http://list.windowsitpro.com/t?ctl=42786:7EB890 

BONUS: Register for any white paper from Windows IT Pro in the month of 
December, and be entered to win a Wii! Visit
http://list.windowsitpro.com/t?ctl=4279E:7EB890 for more information
and a complete white paper listing.


=== ANNOUNCEMENTS ==============================================

Uncover Essential Windows Knowledge Through Excavator 
   Try out the ultimate vertical search tool--Windows Excavator. 
Windows Excavator gives you fast, thorough third-party information 
while filtering out unwanted content. Visit
http://list.windowsitpro.com/t?ctl=427A2:7EB890 today!

Vote for the Next "IT Pro of the Month!" 
   Your vote counts! Take the time to reward excellence in an IT pro 
that deserves it. The first 100 readers to cast a vote will receive a 
one-year subscription to Windows IT Pro, compliments of Microsoft. 
Voting takes only a few seconds, so don't miss out. Cast your vote now:
   http://list.windowsitpro.com/t?ctl=4279D:7EB890


================================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and the Windows IT Security newsletter 
(subscribe at the second URL below).
   http://list.windowsitpro.com/t?ctl=42799:7EB890
   http://list.windowsitpro.com/t?ctl=4278A:7EB890

Subscribe to Security UPDATE at
   http://list.windowsitpro.com/t?ctl=4278C:7EB890

Be sure to add Security_UPDATE@private 
to your antispam software's list of allowed senders.

To contact us: 
   About Security UPDATE content -- letters@private
   About technical questions -- http://list.windowsitpro.com/t?ctl=427A1:7EB890
   About your product news -- products@private
   About your subscription -- windowsitproupdate@private
   About sponsoring Security UPDATE -- salesopps@private

View the Windows IT Pro privacy policy at
   http://list.windowsitpro.com/t?ctl=4278B:7EB890

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Wed Dec 06 2006 - 22:28:52 PST