Advertisement
Promo

Online business Toolkit

First security scare hits next-generation Internet

Marguerite Reardon CNET News

Published: 05 Jul 2004 08:55 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A vulnerability discovered in some of Juniper Networks' routing software highlights that the next-generation Internet, known as Internet Protocol version 6, still has a ways to go before it will be ready for widespread adoption.

The US Computer Emergency Readiness Team and Secunia, a security advisory company, issued alerts on Wednesday for Juniper M-series and T-series routers built between 24 February and 20 June that are running IPv6.

IPv6 is a new version of the Internet Protocol that expands the pool of unique addresses available for connecting PCs and other devices in the Internet.

The vulnerability is caused by what is called a "memory leak," which an attacker could exploit to cause a denial-of-service attack. These memory leaks occur when IPv6 packets are sent in such an order that they take up more memory than usual. As the memory is filled up, the router runs slower. And eventually when the memory is exhausted, the router crashes and reboots itself, potentially causing major service outages or significantly slowed network performance.

Customers who are registered at Juniper's support site can log on to the site to get more information on how to fix the problem. Users also can disable IPv6 in the routers' Packet Forwarding Engine, according to the advisories.

"All Junos software built on or after 20 June, 2004, includes the corrected code," a Juniper representative said. "The Junos software has been modified to release the memory occupied by the original IPv6 packets."

Experts say that the vulnerability will not have much of an impact on the Internet, because only a small number of networks throughout the world use IPv6.

Many people say that IPv4, the predominate version of the protocol used today, doesn't have enough room in its address field to support the millions of devices that will probably be added to the Internet during the next few years.

Mobile communications and new consumer IP services, such as voice over Internet Protocol and video on demand, will increase the number of devices that need IP addresses. Asia and Europe will probably be affected first, because that is where adoption of these new technologies is growing fast. Analysts don't expect the potential address shortfall to affect US networks anytime soon.

"IPv6 is still in very early stages of deployment, so it's natural to see issues coming up and getting fixed," said Thomas Kristensen, chief technology officer for Secunia. "The same kind of vulnerability came up in IPv4."

Verio, a subsidiary of NTT Communications, is one of the only carriers that offers IPv6 commercially in North America. Verio, which uses Juniper routers, has been offering its service to large corporate customers since December 2003. It expanded the offering just last month.

Aside from Verio, the only other major IPv6 launch in North America will come from the US Department of Defense. In June 2003, it set a mandate that all agencies be IPv6-ready by 2008. The agency has helped develop the Moonv6 network, which serves as a test bed for service providers and equipment makers testing IPv6 technology.

"The Defense Department has made some noise about IPv6," said Dave Passmore, research director for the Burton Group. "But other than that, there is literally zero demand from commercial customers in the US Verio offers a service, but many corporate customers don't seem interested in IPv6."

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
57 out of 116 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Online business



Company/Topic Alerts

Create a new alert from the list below:












Related Jobs

Managed Support Consultant - Cisco - Rochdale, Manchester, North West

Technical Author - Bucks

Technical Support Consultant - Supply Chain Software

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment

Video icon

Video

Google Chrome

Roundup: Full coverage of Google Chrome

The search giant has launched a beta of its own open-source browser, sending a clear challenge to Microsoft in the way it lets users work with applications More

Blog: Google Chrome has Microsoft's code inside, says MS manager

And furthermore, he says, that's a good thing... More

Blog: Google Chrome — nine things we've found since launch

Google must be very happy with the coverage Chrome has gathered. But it's not all good news... More


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters