Apollonaris Zeus wrote:jkisha wrote:Apollonaris Zeus wrote:If anyone wants to know about teredo, the best thing to do is disable it on your computer.
Why would you want to disable Teredo?
Teredo increases the attack surface by assigning globally routable IPv6 addresses to network hosts behind NAT devices, which are otherwise mostly unreachable from the Internet. By doing so, Teredo potentially exposes any IPv6-enabled application with an open port to the outside. It also exposes the IPv6 stack and the Teredo tunneling software to attacks should they have any remotely exploitable vulnerability.
Teredo is just an temporary fix for old non-compliant IPv4 NAT routers. You also don't need it to connect anywhere in the US. When everyone has a new IPv6 routers, you won't even need Teredo and no one needs to have tunneling drivers unless you need it to connect to your business network.
Again read this article. If you know about Black Hat you should take this seriously:
Black Hat 2007: Vista users urged to beware of IPv6
By Bill Brenner, Senior News Writer
02 Aug 2007 | SearchSecurity.com
LAS VEGAS -- Vista users would be wise to turn off the Teredo IP tunneling system that is enabled by default in Microsoft's newest operating system, since attackers may be able to exploit it for phishing, pharming and other mischief. James Hoagland, principal security researcher for Symantec Corp., issued that warning Thursday during a presentation at the Black Hat 2007 conference.
Hoagland -- along with fellow researchers Matt Conover, Tim Newsham and Ollie Whitehouse -- conducted an extensive analysis of Vista. They found that while Microsoft has significantly improved security in the latest version of Windows, new vulnerabilities were likely created in the process.
Hoagland said the best example may be Vista's default enabling of Teredo. The software giant has embraced Teredo as a way to help users transition from IPv4, the long-standing protocol that is quickly running short on IP address space, to IPv6, a more advanced protocol that vastly increases the number of IP addresses available to networked devices.
He said Microsoft loves IPv6 because, among other things, it eases the process of setting up peer-to-peer (P2P) gaming programs. But on the down side, IPv6 can also double Vista's possible attack surface -- at least until IPv4 is eliminated. Furthermore, many network security controls may not be ready for IPv6.
Hoagland noted that the Cupertino, Calif.-based Symantec has already discovered one Teredo/IPv6-related flaw in Vista, which Microsoft patched in the MS07-038 security update released last month. According to the researchers, the Teredo interface in Vista was not properly handling certain network traffic, allowing remote attackers to bypass firewall-blocking rules and obtain sensitive information via crafted IPv6 traffic.
Disabling IPv6 in Windows Vista -- Pros and cons: Disabling IPv6 in Windows Vista could prevent performance and security problems, but there are pros and cons. "There are some serious security implications with Teredo," Hoagland said. "This includes the potential for unexpected host accessibility, phishing and pharming threats and possible peer address disclosure."
Attackers could also exploit Vista's implementation of Teredo to bypass such network security controls as firewalls and intrusion detection-prevention (IDS/IPS) systems. To correct this, Hoagland said security tools need to be reprogrammed so they are specifically aware of Teredo.
"Because it can be so difficult to inspect Teredo, a consensus has been reached [in the information security community] that Teredo should not be used in managed networks," Hoagland said.
To be fair, he said, there are some positives with Teredo. It requires a lot of packet-sanity checks, which can prevent a number of attacks. The program also includes some decent anti-spoofing mechanisms. But for Hoagland, that's not much of a silver lining.
"Disable Teredo and block it on the network," Hoagland instructed, "upgrade your security controls and beware of Teredo tunneling through your network."
End of Article
Another thing is you don't need to connect to the internet!
As far unidentified hops in your tracerts other then your private network, you have a security problem. I've never seen this before on my internet connections.
I reiterate, don't worry about it.