It may be years before the new internet protocol IPv6 takes over from the current IPv4, but a security researcher is warning that many systems – corporate and personal – are already open to attack through channels that have been enabled on their machines to support IPv6 traffic.
Joe Klein, a security researcher with Command Information, says many organizations and home users have IPv6 enabled on their systems by default but don't know it. They also don't have protection in place to block malicious traffic, since some intrusion detection systems and firewalls aren't set up to monitor IPv6 traffic, presenting an appealing vector through which outsiders can attack their networks undetected.
"Essentially, we have systems that are wide open to a network," says Klein, who is a member of an IPv6 task force and will be speaking about the issue tonight at the HOPE (Hackers on Planet Earth) conference in New York. "It's like having wireless on your network without knowing it."
The internet is moving to IPv6 because IPv4 is running out of addresses. Estimates of when IPv4 addresses will be exhausted have varied. Command Information has a widget on its web site counting down the number of IPv4 addresses still available each time the American Registry for Internet Numbers assigns an address or block of addresses. By the widget's count, the supply of IPv4 addresses – currently at around 620 million -- will run out in about 917 days, or about two and a half years.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment