• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

IPv6 Protection by OSes Inadequate, Potential Vulnerabilities Surface

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,277 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Rudimentary software-level protection for IPv6 (Internet Protocol Version 6), a network protocol which comes pre-installed with several operating systems (OS) but poorly implemented in the real-world makes it a protocol ignored by security providers, and effectively a soft-target for hackers to compromise a system.

Several OSes including Linux 2.6 upwards, Windows Vista, Solaris, Mac OS X and mobile OSes such as Windows Mobile 5 and 6 come with IPv6 enabled by default, though the user would probably not use the protocol in a year 2008 setting where the networks haven't embraced the protocol to level that makes it an explicit requirement for all internet-enabled computers the way IPv4 is. Keeping this in mind, software level protection for IPv6 is close to non-existent, having strong intrusion detection-enabled protection might keep you safe at an IPv4 level that's still standard, but with IPv6 enabled and with protection that doesn't cover IPv6, the PC is as vulnerable as one without any firewall at all. With IPv6 'listeners' (programs that open ports and allow incoming connections) in place the PC becomes vulnerable to intrusions. All it takes is for a hacker to create an IPv6 listener program (malware) and plant it on a PC.

Security Reasercher Joe Klein of Command Information says that the internet has no dearth for computers with IPv6 enabled without users' knowledge. Administrators who don't keep tabs of their systems face a huge risk, said Klein. Operational dangers aside, administrators who work for organizations that have to comply with regulations like HIPAA or Sarbanes-Oxley risk non-compliance if they don't secure their IPv6 implementations - whether they realize they have one or not. Perhaps the biggest threat is that of hackers tunneling IPv6 traffic through an IPv4 system. Tunneling often circumvents firewalls, even over IPv4.

Command Information predicts that we will run out of IPv4 addresses in about two and a half years' time. The continuity of the internet's expansion depends on how quickly IPv6 is implemented globally. Apparently security isn't able to catch up with the pace of network technologies' advancements.

View at TechPowerUp Main Site
 

PrudentPrincess

New Member
Joined
Jun 28, 2007
Messages
669 (0.11/day)
Location
Eugene
System Name Foobox3000
Processor Core 2 Duo 36750@3.46ghz
Motherboard Gigabyte GA-G33M-DS2R
Memory 2gb (2x1gb) Crucial Ballistix Tracer
Video Card(s) EVGA 9800gtx
Storage 500gb 7200prm IDE
Display(s) Sceptre 19"
Case Apevia X-Qpack 2 Red
Power Supply 500w Apevia generic
lol another reason not to upgrade to Vista. :D
 

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,277 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
lol another reason not to upgrade to Vista. :D

Windows XP SP2+ included. It just wasn't mentioned in the source article, so didn't mention it. WinXP SP2 and above does come with IPv6.
 
D

Deleted member 24505

Guest
Better uninstall xp sp2 then too eh :p

Is it a problem then bta?
 

Kreij

Senior Monkey Moderator
Joined
Feb 6, 2007
Messages
13,817 (2.21/day)
Location
Cheeseland (Wisconsin, USA)
Just shut it off if you don't use it. Not to terribly difficult.
 
Joined
Nov 22, 2007
Messages
1,398 (0.23/day)
Location
Hyderabad,India
System Name MSI apache ge62 2qd
Processor intel i7 5700HQ
Memory 12 Gb
Video Card(s) GTX960m
Storage 1TB
Display(s) Dell 24'
Reading the heading of the article I thought it was another one of Kaspersky antics.
From what I understand of the article a firewall software hasn't been designed for IPv6 and this researcher is lamenting about it. One can't expect companies to come out with a software which no one uses. Companies need to make money and they will wait till IPv6 is started to be used or a few days before the switch is made.
 

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,277 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Better uninstall xp sp2 then too eh :p

Is it a problem then bta?

Unchek this box, save settings, reboot:


See if your internet/local network/NAS work properly. If so, keep it that way.
 
Joined
Feb 26, 2007
Messages
850 (0.14/day)
Location
USA
Odd, I just checked several of my work computers. A couple of them even have SP3 installed. Not one has IPv6 installed. I go to install a new protocal and it is available but not one machine has it installed. Did XP Pro not auto install it?
 
Joined
Jul 13, 2008
Messages
306 (0.05/day)
Location
EU
The original XP already had ipv6 support if I recall correctly, and certainly XP-SP1 did.

I'd like to point out also that at some point with SP2 I started to notice my computer contacted microsoft a lot, even while I have automatic updates disabled, and I traced it to the IPv6 service that was running, so in privacy respect, and in wasted resources until IPv6 comes to the masses respect, I'd advise to disable the IPv6 service if it's running on your system.
Right now AFAIK IPv6 is only used on backbones and by fervent enthusiast as an experiment in cooperation with their ISP, which is actually a pretty weird thing because one ISP for instance had that option and if you did they assigned you 32000 IP's!!! instead of the normal one or two.
Once they roll it out it'll be hard to block unwanted people I guess.
 
Last edited by a moderator:
Top