Security invaders ahead on IPv6 knowledge

Hackers seeking to breach security are ahead of most organizations looking to implement IPv6

By Stephen Bell, Computerworld New Zealand |  Security, IPv6

Financial considerations for the company are not limited to the cost of IPv6 itself, Martin says; a lot of security tools will need to be upgraded to handle IPv6 checks properly and this will cost the organisation.

Filtering of suspect email relies substantially on reputation servers, and most of these are not yet equipped to keep tabs on the vastly greater address space of IPv6, the panel agreed in response to a query from the audience. It is up to people who care about secure IPv6 implementation to start their own reputation lists, panel members suggested. These will blacklist wide ranges of address-space, since listing individual addresses will be too huge a task.

Hackers are busy looking at all the vulnerabilities in IPv4 and figuring out how they translate to IPv6. Using unobserved IPv6 traffic to covertly attack IPv4 networks is "attractive", said Neilson.

It's prudent to assume the adversary is slightly ahead of us," Berry said. The hacker community's incentive to explore the capabilities of IPv6 is "perhaps stronger than some of us".

The Australian Federal government being ahead of New Zealand's in implementing IPv6 has value, Berry says. "We are in touch with our sister agency, the DSD, in Australia. As [Australian agencies] push IPv6 out, there'll be significant lessons learned. DSD will alter its ISM and we will plagiarise that and push it out as policy here."


Originally published on Computerworld New Zealand |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question