Re: [bitfolk] "IPocalpyse"

Hi, On 29/01/11 20:41, Daniel Case wrote: I'm currently with Virgin Media (please BT will you bring fibre-to-the-cabinet or fibre-to-the-premises to our area? ADSL stinks here and we have no choice but VM). Their official position is that they've bought up a shed load of IPv4 addresses in advance and they're not in danger of running out any time soon but yes, it will happen at some point. Unfortunately they don't offer static IPs to home users so when the DHCP pool is all full it will start to hurt. Last time I saw the question asked they said they don't support IPv6, told the guy not to use it and said they had no idea when support is coming. I think the first thing I will notice with exhaustion is when ISPs that haven't planned ahead so well run out and there start to be servers or home users (when I'm running games or VOIP) that I can't connect to because they only have IPv6. I'm also expecting to see a massive surge in botnets and spam as people who don't understand IPv6 are put onto it and don't realise that the firewall in their PCWorld home router doesn't protect IPv6 machines. I recently found an interesting instructional video on Miro that showed how to use Teredo to hang on to a compromised Windows box. The idea was to compromise someone's laptop at a coffee shop or home then even though its IPv4 address changes as it gets moved around it will always get the same IPv6 address and the bot herder can keep hold of it as he can always find it and many firewalls will just pass IPv6 traffic unmolested. They demonstrated a feature with Teredo/Metasploit that even lets you specify that you don't want it to connect if it's behind a corporate gateway so the bot herder can use your laptop when you're at home or out but it won't connect when you take it to work where the corporate firewall/IDS may be better specified and may detect the infection. This would also enable someone malicious to plant software on a laptop that captured confidential information from within a company when the machine was on the user's desk then waited until the machine was taken home in the evening to upload the stolen data to the thief. I consider myself a fairly advanced computer user but I recognise that I'm not well prepared for IPv6. You know how it goes, there aren't enough hours in the day and nothing is forcing me to use IPv6 yet so I just haven't found the time to research it properly. If that's the state I'm in then I think the average home use is probably in a much worse one. I expect this to be very well exploited by scuzzbuckets everywhere. What do you think? Cheers, Paul.