nanog mailing list archives
Re: IPv6, IPSEC and deep packet inspection
From: "william(at)elan.net" <william () elan net>
Date: Fri, 31 Dec 2004 14:35:49 -0800 (PST)
BTW - One of the most fascinating things is that some miscreants when they hack your ipv4 host, the first thing they do (if kernel can support ipv6) is setup ipv6 tunnel to their home (or more likely another hacked box) destination, then they setup a bot which has only ipv6 adddress. Apparently this way they can survive longer without being discovered or their bot access blocked because ipv6 tunnels are seen as good thing (rightly so) and ipv6 activitiy is not looked at as closely by automated means. And of course there are those peski ipv6 irc servers in italy and other places with interesting crowd on them... At the same time, I'll note that I've never seen hacked ipv6-only box... (but maybe that is just because there aren't that many ipv6-only boxes) On Fri, 31 Dec 2004, Rob Thomas wrote:
Hi, NANOGers. Folks who are considering or using IPv6 should know that the miscreants are as well. There have been IPv6 bots and botnets. IPv6 based hosts are regularly used as a bounce for IRC access. IPv6 DoS tools do exist. Many of your monitoring tools choke on IPv6, or ignore it entirely. So while a new approach to security with IPv6 may be warranted, many of the same old threats await you there. Thanks, Rob.
Current thread:
- IPv6, IPSEC and deep packet inspection Sam Stickland (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Merike Kaeo (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Daniel Roesen (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Merike Kaeo (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Stephen Sprunk (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Rob Thomas (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection william(at)elan.net (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Daniel Roesen (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection bmanning (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Daniel Roesen (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Iljitsch van Beijnum (Dec 31)
- Re: IPv6, IPSEC and deep packet inspection Merike Kaeo (Dec 31)
- <Possible follow-ups>
- Re: IPv6, IPSEC and deep packet inspection J. Oquendo (Dec 31)