Teredo Detection

by Randal T. Rioux
July 29, 2012


Teredo introduces yet another way for data to travel to and from the Internet. This dashboard reports on Teredo servers and Teredo traffic entering and exiting your network. Based on your organization's policies, this data will help you track and address systems whose IPs have been identified with Teredo traffic.

  • July 29, 2012 - v1 - SecurityCenter 4.4
  • Requirements: Nessus and PVS
  • Download: teredo_detection.zip

Teredo was originally developed by Microsoft to provide IPv6 (Internet Protocol version 6) connectivity by encapsulating IPv6 packets within IPv4 User Datagram Protocol (UDP) datagrams. This traffic can traverse NAT devices, which can introduce an attack vector not normally monitored. Teredo nodes (relays) that have access to the IPv6 network then receive the packets, decapsulate them, and route them on.

Since Teredo assigns globally routable IPv6 addresses to network hosts behind NAT devices, it is important to keep track of systems with this feature enabled.
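
To illustrate the encapsulation and addressing described above, the following added example (not part of the dashboard or of any Tenable product) finds an IPv6 header inside a UDP payload and decodes any Teredo address in it back to the Teredo server and the host's NAT-mapped IPv4 address and port. The address and header layouts are taken from RFC 4380, which this page does not reproduce; the function names are hypothetical and the sample payload is constructed from documentation address ranges.

```python
import ipaddress
import struct

TEREDO_PREFIX = ipaddress.ip_network("2001::/32")  # Teredo service prefix (RFC 4380)

def decode_teredo(addr):
    """Return the IPv4 details embedded in a Teredo address, or None."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in TEREDO_PREFIX:
        return None
    raw = ip.packed
    flags, port = struct.unpack("!HH", raw[8:12])
    return {
        "server": str(ipaddress.IPv4Address(raw[4:8])),
        "flags": flags,
        "nat_port": port ^ 0xFFFF,  # port and address are stored bit-inverted
        "nat_ip": str(ipaddress.IPv4Address(bytes(b ^ 0xFF for b in raw[12:16]))),
    }

def inner_ipv6(payload):
    """Return (src, dst) of an IPv6 packet carried in a UDP payload, or None."""
    off = 0
    if payload[:2] == b"\x00\x01" and len(payload) >= 4:  # authentication header
        off = 4 + payload[2] + payload[3] + 9  # id, auth value, nonce + confirmation
    if payload[off:off + 2] == b"\x00\x00":  # origin indication
        off += 8
    hdr = payload[off:off + 40]
    if len(hdr) < 40 or hdr[0] >> 4 != 6:  # not an IPv6 header
        return None
    return str(ipaddress.IPv6Address(hdr[8:24])), str(ipaddress.IPv6Address(hdr[24:40]))

def teredo_endpoints(payload):
    """Decode every Teredo address seen in the encapsulated IPv6 header."""
    pair = inner_ipv6(payload)
    return [d for d in map(decode_teredo, pair or ()) if d]

def sample_payload():
    """Constructed sample: origin indication + empty IPv6 packet (documentation IPs)."""
    src = ipaddress.IPv6Address("2001:0:c633:6407:8000:63bf:3fff:fdd2").packed
    dst = ipaddress.IPv6Address("2001:db8::1").packed
    ipv6 = struct.pack("!IHBB", 0x60000000, 0, 59, 64) + src + dst
    return b"\x00\x00\x63\xbf\x3f\xff\xfd\xd2" + ipv6

if __name__ == "__main__":
    for endpoint in teredo_endpoints(sample_payload()):
        print(endpoint)
```

The decoded `nat_ip` is the external address of the NAT in front of the Teredo client, which is the value to match against internal asset records when tracking systems with Teredo enabled.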