Saturday, August 3, 2013

IPv6 attack against Windows 8 machines

Security firm NeoHapsis is warning that the protocol, which has been undergoing a rollout over the last several years, could be subject to a unique attack that redirects users to unwanted potentially malicious pages. Dubbed a "SLAAC" attack, the operation takes advantage of the client-side rollout of IPv6 and the built-in preference such systems have for the new protocol. "Modern operating systems, such as Windows 8 and Mac OS X, come out of the box ready and willing to use IPv6, but most networks still have only IPv4," explained Neohapsis researchers. The researchers went on to describe an attack in which the attacker finds and IPv4 and sets up a server or network impersonating an IPv6 alternative. When users attempt to load the intended site, their systems could, by default, select the imposter network instead, sending their traffic through the attacker's systems. <more>

No comments: