
What's This Teredo Tunneling Doing?


NoelC


Who here knows more about the Teredo tunneling (IPv6 embedded within IPv4) that the svchost process Windows is doing with servers in Redmond and London (and possibly others)? 

 

It's done via UDP, connecting to win8.ipv6.microsoft.com port 3544 (which can be several addresses, including 157.56.106.184, 157.56.144.215, 94.245.121.251, 94.245.121.253).

 

From what I read this effectively punches through whatever security you may THINK you have by using a router between your computer and the wild Internet.

 

Using more aggressive outgoing connection firewall settings is an eye-opening experience for sure.

 

FYI, with Teredo (UDP to remote port 3544) blocked, Windows 8.1 still seems to work just fine. So what's leaking out through that tunnel on virtually every Windows 8 system?

 

-Noel

 

 

Edit 2015 08 21 13:15:  Some pertinent links I've turned up:

 

https://lonesysadmin.net/2011/04/25/how-to-disable-teredo-ipv6-tunneling-in-microsoft-windows/

 

http://etherealmind.com/microsoft-teredo-ipv6-tunneling-no-go-crap/

 

Plus there is some indication that there are (at least?) two other means by which IPv6 is being encapsulated in IPv4, which leads to additional security worries.  More research is needed...

Edited by NoelC
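
Added example (not part of the original post): a Teredo IPv6 address itself records which Teredo server the client used and the external IPv4 address and UDP port the router mapped for it, which is what lets outside peers reach a host behind the router. The decoder below follows the RFC 4380 address layout; the function names are hypothetical and the sample addresses are constructed, using one of the server IPs quoted in the post and a documentation-range client IP.

```python
import ipaddress

# RFC 4380: Teredo addresses live in 2001:0000::/32
TEREDO_PREFIX = ipaddress.IPv6Network("2001::/32")


def decode_teredo(addr):
    """Return the fields packed into a Teredo address, or None if not Teredo."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in TEREDO_PREFIX:
        return None
    raw = ip.packed  # 16 bytes, network order
    flags = int.from_bytes(raw[8:10], "big")
    # Mapped port and mapped address are stored bit-inverted (XOR with all ones)
    port = int.from_bytes(raw[10:12], "big") ^ 0xFFFF
    client = int.from_bytes(raw[12:16], "big") ^ 0xFFFFFFFF
    return {
        "server": str(ipaddress.IPv4Address(raw[4:8])),   # Teredo server IPv4
        "cone_nat": bool(flags & 0x8000),                 # "cone" flag bit
        "external_port": port,                            # NAT-mapped UDP port
        "external_ip": str(ipaddress.IPv4Address(client)) # NAT-mapped IPv4
    }


def teredo_interfaces(addresses):
    """Filter a list of IPv6 addresses down to decoded Teredo entries."""
    found = {}
    for a in addresses:
        info = decode_teredo(a)
        if info is not None:
            found[a] = info
    return found


# Constructed sample: addresses as they might appear on a host's interfaces.
SAMPLE = [
    "fe80::1c2b:3d4e:5f60:7182",             # link-local, not Teredo
    "2001:db8::10",                          # documentation prefix, not Teredo
    "2001:0:9d38:6ab8:0:63bf:3fff:fdd2",     # Teredo via 157.56.106.184
]

if __name__ == "__main__":
    for addr, info in teredo_interfaces(SAMPLE).items():
        print(addr, info)
```

An address that decodes this way on a host's interface list means the Teredo client is active and has a mapping open through the router.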