Security 10748 Published by

A man-in-the-middle attack can use the IPv6 protocol to eavesdrop on IPv4 networks, though an attacker would have to physically place a router in the targeted environment for it to work.



From InformationWeek:
The attack works by introducing an IPv6 router into an IPv4 network, but only connecting the router to the IPv4 Internet. Using router advertising (RA) to create addresses--via a process known as Stateless Address Auto Configuration (SLAAC)--the attacker can control where traffic travels. Next, an attacker can use NAT-PT, "an experimental protocol used to connect IPv6 only networks to the legacy IPv4 network," said Johannes Ullrich, chief research officer for the SANS Institute, in a blog post that analyzes this so-called SLAAC attack.
  Windows IPv4 Networks Vulnerable To IPv6 Attack