IPv6 devices and security?
Shadow Hawkins on Monday, 21 July 2008 14:44:51
With the slow introduction of IPv6 into devices I am wondering about the security issues involved. Specifically I am wondering whether there is hardware out there that is secure using IPv4, but is not when using IPv6? Also, for these operating systems and devices are there ways to harden them, without waiting for the original manufacturer?
What I am trying to understand here are potential security issues I am likely to encounter by allowing IPv6 into my network and what should be done to resolve them?
IPv6 devices and security?
Shadow Hawkins on Wednesday, 29 October 2008 02:33:03
What do you want to know exactly?
The IPv6 stack is pretty much new stuff in most operating systems, given IPv6 slow adoption. Hence, it might contain vulnerabilities and bugs. If you don't like that, I recommend you to not use IPv6 unless you need it.
Other than that, given that we're not using NAT for IPv6, but fully routable IPv6 addresses when using a SixXS tunnel, you'd better have a sane firewall policy on your border routers (the ones that run AICCU). At least, this will prevent people from bypassing your IPv4 filters by using IPv6 and accessing your end hosts that are configured with a global IPv6 address.
Posting is only allowed when you are logged in. |