IPv6 teredo blackout June 8th
brandon at bogons.net
Wed Feb 2 20:52:40 CET 2011
> Some windows platforms have teredo enabled by default.
I never understood why that would be a good plan, the aim
is to get people doing native not deploying tunnels where
they're not intended to be
> Thoughts and mitigation?
Get MS to deploy a default off in the next patch cycle (just missed the
IE biggie) or make teredo not try. Not tested this myself -
"Block name resolution of the Teredo DNS host name, which
by default on computers running Windows 7 is teredo.ipv6.microsoft.com"
if you're lucky enough to control their DNS
More information about the ipv6-ops