On Jun 1, 2007, at 09:17, Rémi Denis-Courmont wrote:
There is something terribly wrong if one tries to use Teredo in a typical controlled corporate network. Teredo is not an "internal" transition mechanism; IETF has specified ISATAP for that purpose.
Yes. That's why there is a security concern that Teredo might be used to escape policy enforcement at the network perimeter. This draft explains how traffic in Teredo tunnels can be made subject to the same policy enforcement as everything else. That's a good thing, isn't it?
5.2.5. Maintenance

The Teredo client must ensure that the mappings that it uses remain valid. It does so by checking that packets are regularly received from the Teredo server.

You may argue that it does not strictly require that the client stops the tunnel when it receives no response, but this is common sense when implementing any NAT traversal and hole punching mechanism. Indeed, all of the, err... two publicly available Teredo client implementations do that.
I think the worry here is about the Teredo implementations that might be integrated into malware for the purpose of escaping network perimeter policy enforcement. In particular, I'd think that enterprises interested in controlling Skype would be concerned that Teredo might present an otherwise uncontrolled communication vector.
--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering
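The policy-enforcement point in this exchange rests on a perimeter device being able to recognise Teredo traffic and recover the endpoints hidden inside it. The following is an added example, not code from this thread, the draft, or any Teredo implementation. It decodes the RFC 4380 address layout (prefix 2001::/32, embedded server IPv4, flags, and XOR-obfuscated mapped UDP port and client IPv4) and runs a small policy audit over constructed flow records; the flow-record dictionary keys and the finding labels are assumptions made for the example, and the sample address is the worked example given in RFC 4380 section 4.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

# RFC 4380 section 2.6: all Teredo addresses fall under this prefix.
TEREDO_PREFIX = ipaddress.IPv6Network("2001::/32")
# RFC 4380: Teredo servers listen on UDP port 3544.
TEREDO_UDP_PORT = 3544
CONE_FLAG = 0x8000


@dataclass(frozen=True)
class TeredoAddress:
    server: ipaddress.IPv4Address       # Teredo server the client qualified with
    cone: bool                          # cone flag from the 16-bit flags field
    mapped_port: int                    # client's external UDP port (de-obfuscated)
    mapped_ipv4: ipaddress.IPv4Address  # client's external IPv4 (de-obfuscated)


def decode_teredo(addr: str) -> Optional[TeredoAddress]:
    """Return the fields embedded in a Teredo address, or None if not Teredo."""
    ip6 = ipaddress.IPv6Address(addr)
    if ip6 not in TEREDO_PREFIX:
        return None
    raw = ip6.packed
    server = ipaddress.IPv4Address(raw[4:8])
    # Flags (16 bits), obfuscated port (16 bits), obfuscated IPv4 (32 bits).
    flags, port_obf, ip_obf = struct.unpack("!HHI", raw[8:16])
    return TeredoAddress(
        server=server,
        cone=bool(flags & CONE_FLAG),
        mapped_port=port_obf ^ 0xFFFF,
        mapped_ipv4=ipaddress.IPv4Address(ip_obf ^ 0xFFFFFFFF),
    )


def encode_teredo(server: str, cone: bool, mapped_ipv4: str, mapped_port: int) -> str:
    """Build the Teredo address a client would derive from its mapping (inverse of decode)."""
    flags = CONE_FLAG if cone else 0
    raw = (
        bytes.fromhex("20010000")
        + ipaddress.IPv4Address(server).packed
        + struct.pack("!HHI", flags, mapped_port ^ 0xFFFF,
                      int(ipaddress.IPv4Address(mapped_ipv4)) ^ 0xFFFFFFFF)
    )
    return str(ipaddress.IPv6Address(raw))


def audit_flows(flows: List[dict]) -> List[Tuple[str, str, str]]:
    """Policy audit over constructed flow records (hypothetical schema, not a real tool's).

    Two findings are produced: outbound contact with a Teredo server (UDP 3544),
    and tunnelled IPv6 traffic whose destination is a Teredo address, for which
    the real external endpoint is recovered so ordinary policy can be applied.
    """
    findings = []
    for f in flows:
        if f.get("proto") == "udp" and f.get("dport") == TEREDO_UDP_PORT:
            findings.append(("teredo-server-contact", f["src"], f["dst"]))
        inner_dst = f.get("inner_dst")  # IPv6 destination carried inside the UDP payload
        if inner_dst:
            t = decode_teredo(inner_dst)
            if t is not None:
                findings.append(("teredo-peer",
                                 f"server={t.server}",
                                 f"{t.mapped_ipv4}:{t.mapped_port}"))
    return findings


# Constructed sample flows (RFC 5737 documentation addresses, not real hosts).
SAMPLE_FLOWS = [
    {"src": "10.0.0.7", "dst": "198.51.100.9", "proto": "udp", "dport": 3544},
    {"src": "10.0.0.7", "dst": "198.51.100.9", "proto": "udp", "dport": 3544,
     "inner_dst": "2001:0:4136:e378:8000:63bf:3fff:fdd2"},
    {"src": "10.0.0.8", "dst": "203.0.113.4", "proto": "tcp", "dport": 443},
]

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(finding)
```

The decoder and the audit are independent: the first two flows trigger the server-contact finding, the second also yields the de-obfuscated peer mapping, and the plain HTTPS flow produces nothing.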