The Ghost in Your Machine: IPv6 Gateway to Hackers
Kim Zetter writes on Threat Level:
It may be years before the new internet protocol IPv6 takes over from the current IPv4, but a security researcher is warning that many systems – corporate and personal – are already open to attack through channels that have been enabled on their machines to support IPv6 traffic.More here.
Joe Klein, a security researcher with Command Information, says many organizations and home users have IPv6 enabled on their systems by default but don't know it. They also don't have protection in place to block malicious traffic, since some intrusion detection systems and firewalls aren't set up to monitor IPv6 traffic, presenting an appealing vector through which outsiders can attack their networks undetected.
"Essentially, we have systems that are wide open to a network," says Klein, who is a member of an IPv6 task force and will be speaking about the issue tonight at the HOPE (Hackers on Planet Earth) conference in New York. "It's like having wireless on your network without knowing it."