Hacking attacks are growing more sophisticated and more prevalent, with hard-pressed ISPs facing a wider range of threats. The large-brute force denial of service attacks of yesteryear have been joined by service-level and application-targeted attacks, DNS poisoning and route hijacking assaults that are more difficult to deal …
"Looking ahead, the majority of respondents to the survey reckon that the long-awaited rollout of IPv6 will prove to be a security headache."
Yes indeed, since people have been conditioned to expect to be behind a NAT router and haven't a clue how to secure a publically routable direct connection, which is exactly what they'll get with IPv6 by design and you know what? It's your fault, ISPs. You took away the end-to-end nature of the 'net and now you'll be giving it grudgingly back to a clueless, unprepared and vulnerable public. Not only that, but you've procrastinated over the rollout for far too long, giving the consumer hardware manufacturers no incentive to research and develop for IPv6. It'll all happen at once with no margin for error now we have reached this stage in the 'net's development because you simply could not be bothered to invest the time and training to get your people ready for the inevitable. Well done.
If you want to know just what they'll face in two years time, because of zero preparation and a head-in-the-sand attitude, here's a nice little linky from ElReg that shows BT Wholesale's 21CN can't handle native IPv6 anyway: http://www.theregister.co.uk/2008/10/10/21cn_ipv6/
If any of you shower of cretins laughably called "Internet Service Providers" think to mitigate your inattention by using NATed IPv4 connections over RFC1918 space when the RIRs run out, you had better think again. Some mobile networks already do this, it breaks far too much to be called an Internet connection and customers are going to be "mighty unhappy," to use the American vernacular. Of course, the freetards will love it as they'll be able to pirate shit with impunity and there's no way you're going to be able to log every NATed packet with any accuracy. Guess who will then have the attentions of the various Asses of America and Por^H^Hhonographic Industry bodies turned upon them? You think you've got problems now? Wait until 2011 turns up.
There's a suprise then.
"Providers need to have deep application insight into IP services"
But then, they would say that, since they're a DPI kit vendor and therefore hardly likely to publish any 'research' that suggests you _don't_ need to buy some of their stuff.
Hardly likely to suggest that, for instance, adoption of more secure protocols, or application level controls can be as, or more, effective, are they ?
Beyond a title,
Given the magnitude of the problems they face, from hostile entities to the implementation of the new IPV6 technology it's more than passing strange that only 21% of ISPs have troubled to install attack mitigation tools. It is even more disturbing that the industry regulator's only contribution has been to give them the green light to install spyware in their bloody server rooms.
Oh keep quiet about IPv6
It will be a panacea, we will all be connected, always on, always ready for high speed communications, all digitally enhanced goodness.
None of that silly little firewall configuration, it is named after a bug isn't it; nat. Couldn't be any good, it is a mill stone around every computer user's neck.
The IP numbers are running out, and version 6 has to be a lot better than version 4, I mean 4 is like 2 full versions older than shiny brand spanking new * 6 *.
Roll on IPv6, pay no heed to the naysayers, the world needs numbers and needs them now.
Step away from the keyboard!
This article reminds me of a dufus that I work with. He thinks that because Comcast “his ISP” advertises that they include MacAfee that they scan all data going over his Internet connection for viruses.
Apples target market!