Experts have recently predicted that the move to IPv6 could actually help spambots push out more malware. Is there...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
anything enterprises can do to protect against this?
Planning for the transition to IPv6 has been in progress for more than 10 years, and the issue with spambots is only one on the long list of potential security issues involved in the transition. Along with spam blacklists, anything that relies on IPv4 addresses will need to be investigated in order to determine whether it should be updated to support IPv6, including devices such as firewalls, VPNs, etc.
Enterprises probably already have IPv6 on their networks via IPv4 tunnels from modern client systems. However, be sure to verify whether your network security defenses support IPv6. For systems that don’t support IPv6, you should plan either to upgrade to a version that does or switch to a new product, since IPv6 will need to be implemented sometime in the next couple of years for most networks.
The issue with IPv6 spam and blacklists that Joe Stewart of the Dell SecureWorks Counter Threat Unit has identified, is current spam blacklists have been fairly effective recently to lower the amount of spam and the DHCP churn, and other changes in IPv6 may potentially make it more difficult to implement such blacklists. While DHCP churn could be exacerbated with IPv6 and limit the effectiveness of blacklists, other antispam controls that include content analysis could be implemented to reduce the spam. White and blacklists will need to be carefully managed in this transition, since there will be many new entries, and the size of the lists may become unwieldy.
Enterprises can specifically test their antispam controls to see if they work with IPv6 by enabling a test network that operates with IPv6 and then testing the individual technologies. While it shouldn’t matter currently if the blacklist is available over IPv6, it is important for the blacklist to support IPv6, since there will be parts of the Internet that may only use or be accessible by IPv6 (and, thus, IPv6 malware) that could be sources of spam in the near future.
Dig Deeper on Network Protocols and Security
Related Q&A from Nick Lewis
Latentbot malware has layers of obfuscation that makes it hard to detect. Expert Nick Lewis explains how its process works, beginning with a phishing...continue reading
A hard to detect type of Linux malware, Rekoobe, can download files to user systems. Expert Nick Lewis explains the malware's key functionality and ...continue reading
Pro POS, a new type of POS malware, has simple operations and is easy to obtain. How was it so successful against businesses? Expert Nick Lewis ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.