Indie security researcher Robert Murphy presented a tool at Defcon that encapsulates traffic with IPv6. The tool is called VoodooNet. The thought pattern here is that this tool can move through networks undetected as most IDS and firewall systems cannot read IPv6 packets.
The tool takes advantage of a lack of understanding of many of the issues that the next-generation network data standard poses to organisations’ network security. The US federal government and many major corporations are transitioning to the standard by the end of the decade. The US Department of Defense and the White House’s Office of Management and Budget have mandated that the military services and federal agencies move their backbone systems to IPv6 by 30 June, 2008.
So, if the tool in fact works as advertised this will at least be an interesting way for people in oppressive countries to communicate freely. At least until companies gear up for the IPv6 rollout.
[tags]IPv6, TCP, Covert Channels, Covert Tool[/tags]