Experts have recently predicted that the move to IPv6 could actually help spambots push out more malware. Is there...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
anything enterprises can do to protect against this?
Planning for the transition to IPv6 has been in progress for more than 10 years, and the issue with spambots is only one on the long list of potential security issues involved in the transition. Along with spam blacklists, anything that relies on IPv4 addresses will need to be investigated in order to determine whether it should be updated to support IPv6, including devices such as firewalls, VPNs, etc.
Enterprises probably already have IPv6 on their networks via IPv4 tunnels from modern client systems. However, be sure to verify whether your network security defenses support IPv6. For systems that don’t support IPv6, you should plan either to upgrade to a version that does or switch to a new product, since IPv6 will need to be implemented sometime in the next couple of years for most networks.
The issue with IPv6 spam and blacklists that Joe Stewart of the Dell SecureWorks Counter Threat Unit has identified, is current spam blacklists have been fairly effective recently to lower the amount of spam and the DHCP churn, and other changes in IPv6 may potentially make it more difficult to implement such blacklists. While DHCP churn could be exacerbated with IPv6 and limit the effectiveness of blacklists, other antispam controls that include content analysis could be implemented to reduce the spam. White and blacklists will need to be carefully managed in this transition, since there will be many new entries, and the size of the lists may become unwieldy.
Enterprises can specifically test their antispam controls to see if they work with IPv6 by enabling a test network that operates with IPv6 and then testing the individual technologies. While it shouldn’t matter currently if the blacklist is available over IPv6, it is important for the blacklist to support IPv6, since there will be parts of the Internet that may only use or be accessible by IPv6 (and, thus, IPv6 malware) that could be sources of spam in the near future.
Dig Deeper on Network Protocols and Security
Related Q&A from Nick Lewis
The remote administration Ammyy Admin software was repeatedly found to be spreading different types of malware. Expert Nick Lewis explains how ...continue reading
The Keydnap malware has the ability to steal passwords stored in the Keychain Access app on Mac systems. Expert Nick Lewis explains how to mitigate ...continue reading
The CryptXXX ransomware has been spreading through compromised legitimate websites that redirect to malicious sites. Expert Nick Lewis explains how ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.