Attack hijacks sensitive data using newer Windows features


Recommended Posts

Attack hijacks sensitive data using newer Windows features

Mac OS X probably vulnerable too

Security researchers have outlined a way to hijack huge amounts of confidential network traffic by exploiting default behavior in Microsoft's Windows operating system.

The attack exploits an industry standard known as SLAAC, or Stateless Address Auto Configuration for allowing clients and hosts to find each other on IPv6 networks. When the next-generation addressing scheme is turned on, as it is by default in OS X, Windows Vista, Windows 7 and Server 2008, SLAAC can be used to create an unauthorized IPv6 network that reroutes data through hardware controlled by the attackers.

“All these Windows boxes will default connect to the evil router instead of the legitimate router when this parasitic overlay is running,” Koziol told The Register. “If Microsoft didn't have that configuration by default, it would negate a lot of the effects of the attack.”

By default, Linux, Free BSD and other operating systems aren't vulnerable, Koziol said. The only way to prevent the attack for now is to disable IPv6 on all machines that don't use the protocol

Details & related stories - http://www.theregister.co.uk/2011/04/04/slaac_attack_microsoft_windows/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...