Then, we perform full port scans of uncovered pairs and compare the open port states on the IPv4 and IPv6 side.” “First, we send specific UPnP NOTIFY packets to every IPv4 address to gather IPv6/IPv4 pairs. “The scanning consists of two steps,” the researchers explain in a blog post. More specifically the technique – dubbed IPv6 unmasking via UPnP – relies on UPnP NOTIFY packets to uncover pairs of IPv4 and IPv6 addresses on dual-homed hosts configured to support both protocols. The researchers reached these conclusions after developing a new technique to enumerate active IPv6 hosts in the vast address space occupied in cyberspace by the next generation internet protocol.Ĭisco Talos discovered that dual-homed IPv4/IPv6 hosts can be induced to divulge their IPv6 addresses through an approach to scanning based on support for the Universal Plug and Play (UPnP) Protocol. This leads to unintended exposure of sensitive data and services such as SMB network shares, FTP and HTTP servers.” “And indeed, after comparing the top 100 TCP port scan results on corresponding IPv6 and IPv4 addresses, we have found 3% of hosts to have more open ports on IPv6 side. “When we started this research, we hypothesized that we would likely find hosts that have proper filtering, all important ports firewalled, on IPv4 side, but more relaxed, or non-existent filtering on the IPv6 side,” Talos researcher Joe Marshall reports. Security researchers have uncovered shortcomings in firewall rules that meant IPv6 hosts are more frequently openly exposed to internet attacks than IPv4-connected devices.Ī “significant number” of scanned hosts had less filtering on the IPv6 side than on IPv4, resulting in additional exposure of these devices and their networks, Cisco Talos discovered.
0 kommentar(er)
