What are IPv6 shadow networks?

Tags:
IPv6
IPv6 security
WAN
Wide Area Networks
What are IPv6 shadow networks and how do I know if I have one in my companies' network?
ASKED: April 3, 2012  6:51 PM
UPDATED: April 5, 2012  9:01 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi

I think what you are referring to with shadow networks is the common case that networks have IPv6 traffic floating around, but not in a controlled and managed manner.

This is probably the case in most networks today, as many operating systems, such as Windows Vista, Windows7, Windows 2008 Server, many Linux flavors, Apple Macintosh and many others have IPv6 enabled by default. This means that these devices try to find and connect to an IPv6 network by using Neighbor Discovery.

Even if you do not have IPv6 routing and controlled deployment, these IPv6 messages can be used by attackers to get to your network. So even if you are not working on an IPv6 deployement yet, you should make sure that you secure your network, so these devices cannot be used for attacks.

Silvia

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    A "shadow network" (IPv6 or IPv4) is just two or more devices talking with each other using addresses that you aren't monitoring. For IPv6, it's a lot easier to miss because most networks are currently ignoring IPv6 even though many devices have had it available for the past decade. Windows XP began the wide availability in most networks. For IPv4, you might have an assigned subnet for a network segment; but that doesn't prevent devices from using a different subnet. In both cases, the communication may be isolated if routers/firewalls limit traffic only to your approved address ranges. Such devices might not pass, or might be configured explicitly to block, IPv6 or out-of-range IPv4 communications. In either case, you stop it primarily by looking for it. If you don't monitor, you can miss a number of things -- not just IPv6. Tom
    125,585 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following