There is an audit signature to recognize Teredo tunnels: IPv6_Teredo. In addition, the products will correctly recognize the traffic tunneled within a Teredo exchange. That is, any attacks embedded within Teredo will still be recognized and protected as configured.
-----Original Message----- From: [EMAIL PROTECTED] On Behalf Of Johnson, Scott Sent: Tuesday, September 12, 2006 12:00 PM To: [EMAIL PROTECTED] Subject: [ISSForum] Teredo Signature Is there a native signature for detecting Microsofts IPv6 tunneling technology "Teredo"? Scott Johnson Information Security Electric Reliability Council of Texas www.ercot.com Office: 512-248-3152 Cell: 512-917-9844 _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328. _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
