{"id":4168,"date":"2010-11-19T15:34:32","date_gmt":"2010-11-19T20:34:32","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2022-12-30T15:46:13","modified_gmt":"2022-12-30T20:46:13","slug":"do-you-know-where-your-ipv6-is","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/do-you-know-where-your-ipv6-is\/","title":{"rendered":"Do You Know Where Your IPv6 Is?"},"content":{"rendered":"

\"Do<\/a>Earlier, I covered <\/a>the iSuppli<\/a> announcement that nearly 3 out of every 4 people on Earth will soon own a mobile phone. Now, this factoid has some consequences. Johannes Ullrich<\/a>, PhD, chief research officer for the SANS Institute<\/a> is predicting that the arrival of new and upgraded IPv6-enabled operating systems, can open new and unrecognized security weaknesses in otherwise secure environments.<\/p>\n

\"SANS<\/a><\/p>\n

Dr. Ullrich told Net Security<\/a><\/em>, \u201cOne of the problems is the accidental implementation of IPv6. You may already have IPv6 on your network without knowing about or configuring it.” He continues, \u201cWindows 7<\/a>, OS X<\/a>, and Linux<\/a> enable it by default. In the last round of operating system updates, it has tended to be turned on by default.\u201d Dr. Ullrich, who is currently responsible for the SANS Internet Storm Center (ISC<\/a>), also highlights<\/a> devices running Apple\u2019s IOS<\/a> such as iPhone as well as some Google Android<\/a> devices come with IPv6 enabled by default.<\/p>\n

Dr. Ullrich says that the growth of mixed IPv4 and IPv6 networks, sometimes without the knowledge of IT security teams, can introduce a variety of potential security risks. Attacks designed to exploit IPv6-enabled devices could also be missed by security teams not looking for\u00a0 IPv6 traffic, “Many organizations will look at their own networks and not see a big problem staying on IPv4,\u201d he explains.<\/p>\n

\"\"<\/a>According to Net Security<\/em>, Ullrich believes that organizations have failed to grasp the full impact of a move to IPv6 or the amount of time needed to plan, test, and secure any migration strategy. Ullrich believes that it will take at least about a year for larger organizations to move over to IPv6. Although most modern routers and switches are capable, supporting SIEM, IDS, IPS, and monitoring tools will need reconfiguration. The application layer is more problematic according<\/a> to the SANS Institute expert\u00a0 \u201cIt is comparable to the Y2K problem, and there may well be many complex or custom applications that are affected by switching over that need to be tested.\u201d<\/p>\n