Symantec Voices Security Concerns over Vista’s Use of Tunneling …

Short Description
company points out in its latest report, “Windows Vista Network Attack … Friedrichs said Symantec expects attackers to concentrate on hacking Vista with …

Website: www.physorg.com | Filesize: 10kb

Content
Symantec Voices Security Concerns over
Vista’s Use of Tunneling Protocol
Security company Symantec says new research supports fears that Windows Vista’s use of the IP
tunneling protocol Teredo is potentially insecure.
Microsoft is using Teredo to enable a transition from IPv4, which is the traditional version of the network
layer protocol for packet-switched networks now used as the Internet’s background, to IPv6, an updated
protocol whose biggest benefit is the exponential increase it will bring in the number of IP addresses
available for networked devices.
Symantec, based in Cupertino, Calif., first brought up concerns about Teredo in November 2006. As the
company points out in its latest report, “Windows Vista Network Attack Surface Analysis” (PDF),
Microsoft rewrote the network stack from the ground up in Vista. By doing so, Symantec said, Microsoft
has “removed a large body of tested code and replaced it with newly written code, possibly introducing new
corner cases and defects.”
Oliver Friedrichs, a director at Symantec Security Response, said the introduction of Teredo - one of those
newly written, potentially buggy pieces of code - has “a number of security implications.”
“Many firewalls and intrusion detection systems are not Teredo-…