Invisible IPv6 Traffic Poses Serious Network Threat

IPv6 — the next-generation Internet protocol — isn't keeping too many U.S. CIOs and network managers up worrying at night. But perhaps it should.

By Carolyn Duffy Marsan
Mon, July 13, 2009

Network WorldIPv6 — the next-generation Internet protocol — isn't keeping too many U.S. CIOs and network managers up worrying at night. But perhaps it should. 

Five of the Biggest IPv6-based Threats Facing CIOs

View our slideshow on The Evolution of the InternetSee what's driving a Florida university to IPv6.

Experts say that most U.S. organizations have hidden IPv6 traffic running across their networks, and that few network managers are equipped to see, manage or block it. Increasingly, this rogue IPv6 traffic includes attacks such as botnet command and controls.

"If you aren't monitoring your network for IPv6 traffic, the IPv6 pathway can be used as an avenue of attack," says Tim LeMaster, director of systems engineering for Juniper's federal group. "What network managers don't understand is that they can have a user running IPv6 on a host and someone could be sending malicious traffic to that host without them knowing it."

Most U.S. network managers are blind to rogue IPv6 traffic because they don't have IPv6-aware firewalls, intrusion detection systems or network management tools. Also, IPv6 traffic is being tunneled over IPv4 connections and appears to be regular IPv4 packets unless an organization has deployed security mechanisms that can inspect tunneled traffic. (See also: 5 of the biggest IPv6-based threats facing CIOs.)

"At least half of U.S. CIOs have IPv6 on their networks that they don't know about, but the hackers do," says Yanick Pouffary, technology director for the North American IPv6 Task Force and an HP Distinguished Technologist. "You can't ignore IPv6. You need to take the minimum steps to secure your perimeter. You need firewalls that understand IPv4 and IPv6. You need network management tools that understand IPv4 and IPv6."

"Although they're not thinking about IPv6, for most of the Fortune 500, it's in their networks anyways," agrees Dave West, director of systems engineering for Cisco's public sector group. "You may not see IPv6 today as a business driver. But like it or not, you are running IPv6 in your network."

IPv6 is the long-anticipated upgrade to the Internet's main communications protocol, known as IPv4. IPv6 features vastly more address space, built-in security and enhanced support for streaming media and peer-to-peer applications. Available for a decade, IPv6 has been slow to catch on in the United States. Now that unallocated IPv4 addresses are expected to run out in 2011, the pressure is on U.S. carriers and corporations to deploy IPv6 in the next few years.

IPv6-based threats are not well understood, but they are becoming more prominent. For example, the issue of IPv6-based attacks was raised at a June meeting of the National Security Telecommunications Advisory Committee, a high-level industry group that advises the White House about cybersecurity.

Continue Reading

White Papers »
Delivering a Greener Data Center
This paper covers power utilization, intelligent power management and industry best practices for energy efficiency. Extreme Networks® takes a lifecycle approach to power efficiency, management and recycling, offering savings to our customers and promoting a greener world.
Cloud-Scale Networks Using Open Fabric Architectures
Virtualization and cloud are driving new requirements for data center network performance, VM support, automation and simplified orchestration. This paper outlines Extreme Networks® open fabric approach to high speed, low latency networks for modern data centers.
Mobility in the Network: A Phased Technology Approach
The evolution of the network to provide the intelligence needed to address user, device and application mobility is underway. In this white paper, Extreme Networks® outlines the five phases required to bring mobility into the network.
Virtual Patching with Network Security
The McAfee virtual patching solution provides a layered approach to security risk management, while adding the ability to apply a virtual patching strategy to your existing change-management process.
Gartner Next Generation Network IPS Research Note
Learn more about Gartner's evaluation of network IPS that places McAfee in the leaders' quadrant. Deep inspection network-based intrusion prevention continues to be a due-diligence security control.
Free Your Time! How Automated IPAM saves time with your company's virtualization, mobility and IPv6 challenges
IP networks are growing at an exponential rate thanks to virtualization, mobile devices and IP v6. But IT departments are under budget constraints and skilled staff is becoming scarce. The solution..
Webcasts »
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and enterprise campus network infrastructures for the Cloud, and identify ways to better allocate network resources, reduce operating costs and improve application performance.
Gartner Next Generation Network IPS Webcast
Learn how Gartner's criteria for next generation IPS helps organizations achieve effective threat prevention despite changes in network communications, new applications, and changes in the threat landscape.
How Automation Can Take the Pressure Off Your Network
Today's networks are under attack. To build a better network, you've got to understand the stresses that today's networks are under due to mobility, virtualization and cloud computing.
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn about VMware customer, Navicure, and their experiences testing and evaluating the recovery manager, their progress in implementing it in their environment and their advice other customers considering using vCenter.
Quantifying the Business Value of VMware View - Webcast
Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Delivering a Greener Data Center

Cloud-Scale Networks Using Open Fabric Architectures

Mobility in the Network: A Phased Technology Approach

Virtual Patching with Network Security

Gartner Next Generation Network IPS Research Note

Free Your Time! How Automated IPAM saves time with your company's virtualization, mobility and IPv6 challenges

Automated Network Services Deliver on Enterprise's "Time to Value"

Make the Connection: Better Network Connectivity Drives Transformation

Comparison of Avaya and ShoreTel UC Solutions

Comparison of Cisco and ShoreTel Unified Communication Solutions

Investigating UC Vendors

SIP Trunks and UC security

Nemertes Research PilotHouse Awards: IP Telephony

Best Practice Tips on Building a Unified Communications Business Case

Unified Communications Buyer's Guide

The Changing Role of Mobile Communications in the Workplace

Reduce Cellular Spend With ShoreTel Mobility

Improving Business Value of WAN Optimization

Increase IT Performance from the Enterprise to the Cloud

The Changing Requirements of WAN Optimization
Resource Center
buy a link »
Ads by TechWords