Teredo Tunnels IPv6 over IPv4, But How Safe Is That?

Teredo, developed by Microsoft, is included in Windows Vista and let's you tunnel IPv6 traffic over IPv4. Before you jump right into using it some examination of the security implications might be wise.

Jim Hoagland over at Symantec has some help for you in the form of a paper that looks into the security implications. In particular Hoagland points out that a major security concern of Teredo is "the bypassing of network security devices, such as firewalls and IDS / IPS. Unless those are specifically Teredo-aware, they will not see the IPv6 traffic as IPv6 traffic, but merely as UDP traffic on unknown ports and thus will miss the real traffic on which to apply security controls. Thus, Teredo being enabled introduces a security risk to your network."

Here's the document: The Teredo Protocol: Tunneling Past Network Security and Other Security Implications

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish