Matthew Prince, co-founder and CEO of CloudFlare, told eSecurity Planet that while there had been a bit of noise around IPv6-based attacks over the years, about two months ago the noise started to get real.
“In the last two months we’ve seen a number of attacks that have been IPv6 only,” Prince said. “The techniques behind those attacks tend to be similar to what we see in the IPv6 world with denial of service and large SYN floods, as well as application layer attacks.”
While Prince isn’t certain why IPv6 attacks are growing, his theory involves the fact that a lot of traditional Web security solutions rely on IP address blacklisting. IPv4 is a 32-bit address space, while IPv6 provides a much larger 128-bit address space. IP address blacklisting is not practical with IPv6, given the large address space.
Attackers are now beginning to experiment with these native IPv6 attacks. The largest such publicly reported attack to date was against Cloudflare.com itself. CloudFlare is no stranger to attackers and recently helped repel the largest known DDoS in history, which hit as much as 300 Gbps of traffic.
“We were hit with an IPv6 attack that got to about 3 Gbps,” Prince said.
Read the full story at eSecurity Planet:
IPv6 Under Attack?
Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.