Security Best Practice: Blocking IPv6 In IPv4 Tunneling
| Check Point Reference: | SBP-2009-19 | |
| Date Published: | ||
| Severity: | ||
| Source: | IPS Research Center | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? N/A | ||
| Vulnerability Description Internet Protocol version 6 (IPv6) is the next-generation Internet Protocol version designated as the successor to IPv4, the first implementation used in the Internet. Tunneling is used by computer networks when one network protocol encapsulates a different payload protocol. Via tunneling a user can carry a payload over an incompatible delivery-network, or provide a secure path through an untrusted network. |
||
|
Vulnerability Details Users can use tunneling to get past a firewall, using a protocol that the firewall would normally block, but wrapped inside a protocol that the firewall does not block. Also, tunneling communication between internal clients and servers outside the organization can leave the client that initiates the connection vulnerable to attacks sent through the tunnel. The client machine could infect other machines, and potentially jeopardizing the entire network. |
Protection Overview
This protection will detect and block IPv6 tunneling inside IPv4 packets.
In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest SmartDefense/IPS update. For information on how to update SmartDefense/IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.