Educause Security Discussion mailing list archives
Re: outrageous DNS queries of isatap.mshome. from Residential Network.
From: Ken Connelly <Ken.Connelly () UNI EDU>
Date: Wed, 4 Mar 2009 12:51:00 -0600
Michael Sinatra wrote:
On 03/04/09 08:10, John Ladwig wrote:A quick Google exercise suggests "Microsoft Teredo Tunneling Pseudo-Interface " For those not aware of Teredo (nee Shipworm - funny, renaming didn't actually change the meaning), it's Microsoft's IPv6-in-IPv4 tunneling protocol, enabled (by default?) in Vista. MS has stood up relay servers as part of their path to IPv6, and Vista machines can use them to conect to v6-only Internet resources. Of which there are few, but more and more. You *are* watching your local wires for IPv6 exploits, aren't you? Look up Teredo; it definitely has potential for local impacts. That said, the v6 operational threat situation doesn't seem extreme. Yet.The hope is that the v6 operational threat will become as extreme as is the case with IPv4. :-) It's not Teredo per se. (And BTW, ISATAP is a completely different transition mechanism from Teredo.) It's actually a serious bug in Windows Vista and it's fixed in SP1. The solution is to run SP1 on your Vista machines. The URL that Ken posted in his message points that out. (I am still not sure why he interpreted that message from Doug Pearson as "turn off IPv6"--that's not what the message says.)
Doug's fourth bullet point after the lead paragraph... And disabling IPv6 might not be the ultimate solution, but it can and will happen *WAY* faster than getting a student to upgrade their personal machine to SP1. I stand by my recommendations. - ken
We have not seen a Windows Vista SP1 host exhibit this problem. michael
-- - Ken ================================================================= Ken Connelly Associate Director, Security and Systems ITS Network Services University of Northern Iowa email: Ken.Connelly () uni edu p: (319) 273-5850 f: (319) 273-7373
Current thread:
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Ken Connelly (Mar 04)
- <Possible follow-ups>
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. John Ladwig (Mar 04)
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Joe St Sauver (Mar 04)
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Michael Sinatra (Mar 04)
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Michael Sinatra (Mar 04)
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Ken Connelly (Mar 04)
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Michael Sinatra (Mar 04)
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Gary Flynn (Mar 04)
- Re: outrageous DNS queries of isatap.mshome. from Residential Network. Michael Sinatra (Mar 04)