Follow on Google News
Industry News
* Security
* Technology
* More Industries...

Country(s)
United States
Australia
India
Hong Kong
England
China
- - -
More Countries


Industry News





October 2024
SuSaFrThWeTuMo
654321
September 2024
30

Follow on Google News

Security preparations for IPv6 migration must start now

New IPv6 enabled operating systems, smart devices and applications could increase risks
By: SANS Institute
 
Nov. 15, 2010 - PRLog -- Security preparations for IPv6 migration must start now

New IPv6 enabled operating systems, smart devices and applications could increase risks

London, UK, November 15th,  2010 - The arrival of a slew of new and upgraded operating systems, smart phones and tablets that are enabled for IPv6 has the potential to open new and unrecognised security weaknesses in otherwise secure environments.

According to Johannes Ullrich, PhD, chief research officer for the SANS Institute, “One of the problems is the accidental implementation of IPv6. You may already have IPv6 on your network without knowing about or configuring it.

Internet Protocol Version 6 (IPv6) is designed to succeed Internet Protocol version 4 (IPv4) and was developed by the Internet Engineering Task Force (IETF) and ratified in 1998. The new protocol adds additional features as well as offering a 128-bit address range. Its future adoption is almost certain as available IPv4 addresses are likely to be exhausted within two years based on current consumption rates.

“Windows 7, OS X and Linux enables it by default. In the last round of operating system updates, it has tended to be turned on by default.” Ullrich also highlights devices running Apple’s IOS such as iPhone as well as some Google Android devices with IPv6 also enabled by default.

In his view, the growth of mixed IPv4 and IPv6 networks, in some cases without the knowledge of IT security teams, can introduce a variety of potential security risks. Attacks designed to exploit IPv6 enabled devices could also be missed by intrusion detection systems that have not been correctly configured to deal with IPv6 traffic.

Ullrich believes that organisations have failed to grasp the full impact of a move to IPv6 or the amount of time needed to plan, test and secure any migration strategy.

“Many organisations will look at their own networks and not see a big problem staying on IPv4,” he explains. “But say you need to connect to a supplier network in China and they have been forced to move to IPv6 due to running out of addresses, your organisation may have to switch over very quickly.”

Ullrich believes that it will take at least about a year for larger organisations to move over to IPv6. Although most modern routers and switches are capable, supporting SIEM, IDS, IPS and monitoring tools will need reconfiguration. The application layer is more problematic: “It is comparable to the Y2K problem, and there may well be many complex or custom applications that are affected by switching over that need to be tested.”

Ullrich, who is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold programme, will be covering IPv6 as part of the SECURITY 503 Intrusion Detection In-Depth course at SANS London this November. Ullrich is also running an evening briefing session, which will go into more depth on the subject for attendees of the event.
For more information, please visit:  http://www.sans.org/london-2010/

Editors for further information contact:-
Anne Harding
The Message Machine
Tel: 01895 631448
Email: anne@themessagemachine.com
End
Source:SANS Institute
Email:***@themessagemachine.com Email Verified
Industry:Security, Technology
Account Email Address Verified     Disclaimer     Report Abuse
Most Viewed
Most Viewed Monthly

Most Viewed
Most Viewed Monthly

Nov 15, 2010 News



Like PRLog?
9K2K1K
Click to Share