Hackers are taking advantage of this uncertain time, as IPv6 begins to find its way into networks but is not yet fully deployed.
My colleague Carolyn Duffy Marsan has the dirt on the security threats posed by IPv6. Ironically, one of the benefits of IPv6 was supposed to be greater built-in security. But in this interim period before widespread IPv6 deployment, any network that hasn’t fully and completely made the shift to IPv6 may still be transporting IPv6 traffic via a tunnel in IPv4 traffic.
That would be fine in a world where we’re all on the same team and just want a way for our networks to all get along. But in reality, malware creators see those tunnels as a way in or out of your network.
Marsan’s article indicates that the answer is either to block IPv6 traffic altogether or to upgrade your firewalls so that they can see inside those tunnels.
IPv6 has had enough challenges with adoption already – even though the need has very clear for years, the issue just hasn’t felt very urgent. The biggest reason for upgrading is that we’re getting closer and closer to running out of IPv4 addresses, but it seems like we will actually have to go to zero before people will act.
Coincidentally, blogger Jeff Doyle noted last month that we are entering an “awkward” phase for networks, the transitional period between the old and new protocols. They will have to coexist for years, he points out, and service providers will be challenged to find ways to reduce the impact of any changes on the end users.
He doesn’t mention the security holes that the transition leaves open, but obviously they’re there, and the bad guys are already using those channels for their own ends. It’s pretty clear that the sooner we can make the transition, the better off we’ll all be, but there’s no sign that it will be a quick or a smooth transition.




