isc.sans.org: Analyzing Teredo with tshark and Wireshark

Johannes Ullrich wrote up a nice article on Teredo, the IPv6 tunneling protocol built into all modern versions of Windows. If you’re not sure what Teredo is:

The protocol tunnels IPv6 traffic from hosts behind NAT gateways via UDP packets, exposing them via IPv6 and possibly evading commonly used controls like Intrusion Detection Systems (IDS), Proxies or other network defenses.

This is an excellent read for how to detect and analyze the traffic.
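
To make the tunneling described above concrete, here is an added example (not taken from the linked article or from this post) that looks inside a UDP payload for an encapsulated IPv6 header and decodes the IPv4 details embedded in a Teredo address. It assumes the RFC 4380 layout (2001::/32 prefix, XOR-obfuscated port and address); the function names and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

TEREDO_PREFIX = ipaddress.ip_network("2001::/32")  # Teredo service prefix (RFC 4380)

def decode_teredo_address(addr):
    """Return the IPv4 details embedded in a Teredo address, or None if not Teredo."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in TEREDO_PREFIX:
        return None
    # Layout: prefix(32) | server IPv4(32) | flags(16) | port^0xFFFF(16) | IPv4^0xFFFFFFFF(32)
    _, server, flags, port, client = struct.unpack("!IIHHI", ip.packed)
    return {
        "server": str(ipaddress.IPv4Address(server)),
        "flags": flags,
        "nat_port": port ^ 0xFFFF,
        "nat_ip": str(ipaddress.IPv4Address(client ^ 0xFFFFFFFF)),
    }

def find_tunneled_ipv6(payload):
    """Return (src, dst) of an IPv6 packet carried in a UDP payload, else None."""
    off = 0
    # Optional authentication header: 00 01, ID-len, AU-len, ID, AU, 8-byte nonce, 1 byte
    if payload[:2] == b"\x00\x01" and len(payload) >= 4:
        off = 13 + payload[2] + payload[3]
    # Optional origin indication: 00 00, obfuscated port (2), obfuscated IPv4 (4)
    if payload[off:off + 2] == b"\x00\x00":
        off += 8
    hdr = payload[off:off + 40]
    if len(hdr) < 40 or hdr[0] >> 4 != 6:  # need a full IPv6 header, version nibble 6
        return None
    return (str(ipaddress.IPv6Address(hdr[8:24])),
            str(ipaddress.IPv6Address(hdr[24:40])))

# Constructed sample: origin indication followed by an empty IPv6 packet
# (next header 59) whose source is a Teredo address; all values are made up.
SAMPLE = (
    b"\x00\x00"
    + struct.pack("!HI", 40000 ^ 0xFFFF,
                  int(ipaddress.IPv4Address("192.0.2.45")) ^ 0xFFFFFFFF)
    + struct.pack("!IHBB", 0x60000000, 0, 59, 255)
    + ipaddress.IPv6Address("2001:0:4136:e378:8000:63bf:3fff:fdd2").packed
    + ipaddress.IPv6Address("2001:db8::1").packed
)

if __name__ == "__main__":
    src, dst = find_tunneled_ipv6(SAMPLE)
    print(src, "->", dst, decode_teredo_address(src))
```

The decoded `nat_ip` and `nat_port` are the external IPv4 address and UDP port of the tunneled host's NAT mapping, which is what lets an analyst tie an IPv6 flow back to a UDP flow the perimeter already logs.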

This entry was posted in tech by Paul.

About Paul

I’m a Detroit expat recently returned from Tokyo living in Chattanooga. I’m a consulting security professional and father of two. I promise that my views and politics are mine; not yours or my employer’s or anyone’s. I follow no party or affiliation or anything. My things are released under the Creative Commons Attribution-ShareAlike 4.0 International license unless otherwise stated.
