We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Prepare for IPv6 now, firms warned

New web protocol is not a cure-all

For many IT managers, IPv6 (Internet Protocol version 6), the next version of the Internet Protocol, may seem like a far-off concern. But the technology will make its way into corporate systems sooner than many people realise, forcing IT departments to confront potential security vulnerabilities inherent in the new protocol, a security consultant has warned.

Companies need to prepare themselves for IPv6, even if they don't have plans to upgrade their networks, said Van Hauser, a security consultant and the founder of hacking group The Hacker's Choice. Hauser discussed security vulnerabilities in IPv6 this week during a presentation at the HITB (Hack In The Box) security conference in Kuala Lumpur, Malaysia.

"Most people think there's no IPv6 now, so where's the problem?" Hauser said. "The thing is, if you install any Unix OS [operating system] now it comes with IPv6 enabled."

In addition, Windows Vista is expected to have support for IPv6 enabled, he said.

IT managers need to be prepared to address security issues in the new protocol. "It has the same vulnerabilites as IPv4 (IP version 4). When you thought that with IPv6 everything will change in regards to security, this is not really the case," Hauser said.

Among the vulnerabilities that IPv6 and IPv4 share is the ability of a hacker to launch a man-in-the-middle attack, Hauser said. In this type of attack, a hacker is able to monitor or insert packets being sent back and forth between two parties, without either one realising that the network link between them has been compromised by a third party.

To secure against vulnerabilities in IPv6, companies must use IPSec (IP security) on their networks, Hauser said. "If you use IPSec, most of the problems go away," he said.

However, even then networks will not be completely secure. "It's not that easy. If you do encryption and authentication, it doesn't mean that security is okay," Hauser said. "It just narrows down the number of people who can do something."


IDG UK Sites

LG G4 Note UK release date and specification rumours: Samsung Galaxy Note 5 killer could be the LG 3......

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model