Experts have recently predicted that the move to IPv6 could actually help spambots push out more malware. Is there...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
anything enterprises can do to protect against this?
Planning for the transition to IPv6 has been in progress for more than 10 years, and the issue with spambots is only one on the long list of potential security issues involved in the transition. Along with spam blacklists, anything that relies on IPv4 addresses will need to be investigated in order to determine whether it should be updated to support IPv6, including devices such as firewalls, VPNs, etc.
Enterprises probably already have IPv6 on their networks via IPv4 tunnels from modern client systems. However, be sure to verify whether your network security defenses support IPv6. For systems that don’t support IPv6, you should plan either to upgrade to a version that does or switch to a new product, since IPv6 will need to be implemented sometime in the next couple of years for most networks.
The issue with IPv6 spam and blacklists that Joe Stewart of the Dell SecureWorks Counter Threat Unit has identified, is current spam blacklists have been fairly effective recently to lower the amount of spam and the DHCP churn, and other changes in IPv6 may potentially make it more difficult to implement such blacklists. While DHCP churn could be exacerbated with IPv6 and limit the effectiveness of blacklists, other antispam controls that include content analysis could be implemented to reduce the spam. White and blacklists will need to be carefully managed in this transition, since there will be many new entries, and the size of the lists may become unwieldy.
Enterprises can specifically test their antispam controls to see if they work with IPv6 by enabling a test network that operates with IPv6 and then testing the individual technologies. While it shouldn’t matter currently if the blacklist is available over IPv6, it is important for the blacklist to support IPv6, since there will be parts of the Internet that may only use or be accessible by IPv6 (and, thus, IPv6 malware) that could be sources of spam in the near future.
Dig Deeper on Network Protocols and Security
Related Q&A from Nick Lewis
Malware is increasingly using DNS tunnels to aid in data exfiltration. Expert Nick Lewis explains how the attacks work and how best to defend against...continue reading
Researchers warned about the rise of a new cross-site scripting flaw involving same-origin policy. Expert Nick Lewis explains the vulnerability and ...continue reading
Malware authors are adopting software wrapping to hide malicious code and avoid detection. Expert Nick Lewis explains how to defend against the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.