Teredo IPv6 Client Detection
Info Nessus Network Monitor Plugin ID 3875
SynopsisThe remote host is running software that should be authorized with respect to corporate policy.
DescriptionThe remote client is a Teredo client. Teredo allows clients to tunnel IPv6 traffic over IPv4. The protocol operates over UDP port 3544 and the RFC draft is sponsored by Microsoft. Teredo client puts the IPv6 data inside of an IPv4 packet and sends it to a gateway machine. The gateway machine then strips away the IPv4 header and delivers the IPv6 packet. Given this, Teredo can be used to circumvent firewall rules.
SolutionEnsure that this sort of functionality is authorized with respect to existing policies and guidelines.