Thoughts on Vista
To mark the launch of Microsoft Windows Vista, CSO Online asked me to write this article. The editor titled it "Security In Microsoft Vista? It Could Happen." I think I took a balanced approach. Let me know what you think. I was pleased to see my FreeBSD reference survived the editor's review!
Comments
We received some packets today from someone who was chomping at the bit to get his Windows Vista up and on the wire, and was in for an interesting surprise. After a short while, he was being barraged with a good number of UDP port 53186 packets from around the globe. A bit of digging gave me an education in Teredo - Microsoft's IPv6 over IPv4 encapsulation, discussed in: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/teredo.mspx and RFC3904. Teredo's strength is its ability to traverse NAT firewalls while maintaining the protections offered by IPv6, and it has been used to build tunnels for plenty of OSes and applications, including Windows P2P and especially the Peer Name Resolution Protocol, PNRP.
The best thing to do, if you do not need the v6 service, is to disable it (much like how we do normal business today for other services).
One other comment: I heard a Microsoft rep talk about the orders of magnitude of download performance (as much as 10x+ faster) between Longhorn and Vista. Do you think this will cause havoc for network security appliances?
My blog entry here.
KB
Kettler