Home / News I have a News Tip

'First True' Native IPv6 DDoS Attack Reported

Possibly the first documented native IPv6 DDoS attack reported today suggests a DNS dictionary attack which originated from around 1,900 different native IPv6 hosts, on more than 650 different networks. Mark Mayne reporting in SC Media: "The distributed attack demonstrates that hackers are deploying new methods for IPv6 attacks, as widely predicted, not simply replicating IPv4 attacks using IPv6 protocols… [Barrett Lyon, head of research and development, Neustar, says:] We've been expecting this event for a while, but it has now happened. We've also seen a real ramping up of IPV4 attacks this year too — nearly double compared to the same period in 2017 — but IPV6 attacks present some unique issues that can't be easily solved. One example is the sheer number of addresses available to an attacker can exhaust the memory of modern security appliances..."

Related topics: Cyberattack, Cybersecurity, DDoS, IPv6
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

18446744073709551615 addresses Phil Howard  –  Mar 02, 2018 8:41 PM PDT

yep, there are more addresses.  but not as many as a lot of people think there are.  just consider the first 64 bits.  in most cases this is one user.  when blocking an attack source, don't bother with more than 64 bits.  when looking at where an attack might be going, don't bother with more than 64 bits.  consider the remaining 64 bits of the 128 bit address field as garbage; there's nothing in there that helps diminish the attack.

To post comments, please login or create an account.

Related

Topics

New TLDs

Sponsored byAfilias

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC