Forwarded from: Jim Hoagland <jim_hoagland (at) symantec.com>

In the interest of clarity...

On 12/6/06 10:12 PM, "InfoSec News" <alerts@private> wrote:

> === IN FOCUS: Look Before You Leap into IPv6 with Teredo =======
> by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
[...]
> Hoagland also writes that security devices such as intrusion detection
> and prevention systems (IDSs/IPSs) that are designed for IPv4 don't
> understand IPv6 traffic. Thus, the IPv4 devices can't enforce adequate
> security controls on IPv6 traffic encapsulated in IPv4 packets.

That's not exactly what I wrote actually. The point I made is that
unless a firewall/NIDS/NIPS is specifically Teredo aware, the IPv6
content that Teredo is carrying (over UDP over IPv4) will not be
properly inspected. Thus, introducing Teredo on your network might
well reduce your security posture. I talk about this mainly in
Section III-B of the paper (page 8) [1], but I think my blog entry [2]
also explains it well.

[1] http://www.symantec.com/avcenter/reference/Teredo_Security.pdf
[2] http://tinyurl.com/ulk9o

Thank you,

Jim

--
Jim Hoagland, Ph.D., CISSP
Principal Security Researcher
Advanced Threats Research
Symantec Security Response
www.symantec.com

_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
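
An added example, not part of the message above or of the Symantec paper: a minimal sketch of what "Teredo aware" inspection involves, namely getting past the UDP payload's optional Teredo indicators to the inner IPv6 header that an IPv4-only device never sees. The field layouts follow RFC 4380 as assumed here; the function names and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

TEREDO_PREFIX = ipaddress.ip_network("2001::/32")  # Teredo service prefix (RFC 4380)

def strip_indicators(payload: bytes) -> bytes:
    """Skip the optional RFC 4380 authentication and origin indications."""
    if payload[:2] == b"\x00\x01" and len(payload) >= 4:
        # type(2) id-len(1) au-len(1) id auth nonce(8) confirmation(1)
        payload = payload[4 + payload[2] + payload[3] + 9:]
    if payload[:2] == b"\x00\x00":
        payload = payload[8:]  # type(2) obfuscated port(2) obfuscated IPv4(4)
    return payload

def inspect_teredo(udp_payload: bytes) -> dict:
    """Return the inner IPv6 header fields an inspecting device needs."""
    inner = strip_indicators(udp_payload)
    if len(inner) < 40 or inner[0] >> 4 != 6:
        raise ValueError("no IPv6 header inside UDP payload")
    payload_len, next_header = struct.unpack("!HB", inner[4:7])
    info = {"next_header": next_header, "payload_len": payload_len}
    for role, raw in (("src", inner[8:24]), ("dst", inner[24:40])):
        addr = ipaddress.IPv6Address(raw)
        info[role] = str(addr)
        if addr in TEREDO_PREFIX:
            # Teredo address: prefix(4) server(4) flags(2) ~port(2) ~client IPv4(4)
            info[role + "_teredo"] = {
                "server": str(ipaddress.IPv4Address(raw[4:8])),
                "client_port": struct.unpack("!H", raw[10:12])[0] ^ 0xFFFF,
                "client_ipv4": str(ipaddress.IPv4Address(bytes(b ^ 0xFF for b in raw[12:16]))),
            }
    return info

def build_sample() -> bytes:
    """Constructed UDP payload: origin indication, then an IPv6 header and 20 zero bytes."""
    src = ipaddress.IPv6Address("2001:0:c000:201:8000:f227:39cc:9bf8").packed
    dst = ipaddress.IPv6Address("2001:db8::1").packed
    header = struct.pack("!IHBB", 0x60000000, 20, 6, 64) + src + dst
    return b"\x00\x00\xf2\x27\x39\xcc\x9b\xf8" + header + bytes(20)

if __name__ == "__main__":
    print(inspect_teredo(build_sample()))
```

Only after this step can IPv6 rules be applied to the inner source, destination and next-header values; a device that stops at the outer headers sees nothing more than a UDP datagram.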