Options
thanks ,,, bill .... for teredo .....
We would like to note that the Microsoft Windows Vista Operating System (OS) will be available to consumers today. In addition to having native Internet Protocol version 6 (IPv6) enabled, Windows Vista also has Teredo enabled. Teredo is IPv6 over UDP port 3544. This provides IPv6 in environments that do not already have IPv6 capability.
Teredo is capable of network address translation (NAT) traversal. This allows two Teredo enabled devices to communicate directly with each other, even if both are on private address spaces behind firewalls or NAT devices. Public Teredo relays are already present on the Internet; hence, Teredo enabled devices are also exposed to the globally routable IPv6 address space, even when not exposed to the global IPv4 space.
Teredo may be blocked by an IPv4 firewall by blocking outbound UDP port 3544. Due to Teredo`s use of a "STUN" (Simple Traversal of UDP over NAT) like protocol for managing peer to peer NAT traversal, it is not sufficient to merely use a stateful firewall or NAT device to block inbound UDP port 3544. The X-Force Threat Insight Quarterly (XFTIQ) titled, Security implications and considerations of Internet Protocol version 6 (IPv6), provides additional information on the topic of deploying IPv6.
Also of interest is the publication of David Litchfield`s book The Oracle Hacker`s Handbook. The author has posted links to two of the book`s chapters, Indirect Privilege Escalation in Oracle (PDF) and Defeating Virtual Private Databases in Oracle (PDF), to a public mailing list. Readers should be aware that the author may expect that the reader possess a certain basis of knowledge; case in point, the chapter regarding virtual private databases or VPD.
We would also like to remind our customers that as Saint Valentine`s Day approaches attackers may attempt to take advantage of unsuspecting individuals via cyber-threats such as phishing scams and malware. For instance, some variants of the recently highlighted Storm Worm (CME-711) have been propagating via e-mails with romance-themed subject headings. We continue to recommend that our customers ensure their IPS, anti-virus, firewall and spam filtering software are up-to-date.
Teredo is capable of network address translation (NAT) traversal. This allows two Teredo enabled devices to communicate directly with each other, even if both are on private address spaces behind firewalls or NAT devices. Public Teredo relays are already present on the Internet; hence, Teredo enabled devices are also exposed to the globally routable IPv6 address space, even when not exposed to the global IPv4 space.
Teredo may be blocked by an IPv4 firewall by blocking outbound UDP port 3544. Due to Teredo`s use of a "STUN" (Simple Traversal of UDP over NAT) like protocol for managing peer to peer NAT traversal, it is not sufficient to merely use a stateful firewall or NAT device to block inbound UDP port 3544. The X-Force Threat Insight Quarterly (XFTIQ) titled, Security implications and considerations of Internet Protocol version 6 (IPv6), provides additional information on the topic of deploying IPv6.
Also of interest is the publication of David Litchfield`s book The Oracle Hacker`s Handbook. The author has posted links to two of the book`s chapters, Indirect Privilege Escalation in Oracle (PDF) and Defeating Virtual Private Databases in Oracle (PDF), to a public mailing list. Readers should be aware that the author may expect that the reader possess a certain basis of knowledge; case in point, the chapter regarding virtual private databases or VPD.
We would also like to remind our customers that as Saint Valentine`s Day approaches attackers may attempt to take advantage of unsuspecting individuals via cyber-threats such as phishing scams and malware. For instance, some variants of the recently highlighted Storm Worm (CME-711) have been propagating via e-mails with romance-themed subject headings. We continue to recommend that our customers ensure their IPS, anti-virus, firewall and spam filtering software are up-to-date.
rm -rf /