Summary

IPv4 and IPv6 are types of network addresses that help devices connect to the internet. IPv4 only ever had 4.3 billion available addresses and now there aren’t any left. IPv6 offers 340 undecillion addresses, but there’s one “feature” that everyone should be made aware of: IPv6 addresses are publicly routable.

This means that if a device in your home is using IPv6 and if your ISP has turned on IPv6 on your router (which is happening more and more often), then your device is reachable directly over the internet.

This is especially concerning given a recent vulnerability with Windows which allows a remote actor to fully take over a Windows PC that has IPv6 enabled without any action required by the end user.

Breakdown

• IPv6 became a standard in 2017 but is still in the widespread adoption phase.
• IPv6 was created to address the shortage of IPv4 addresses.
• One of the main “features” of IPv6 is that individual devices can be reached directly over the internet.
• “Link-local” IPv6 addresses are not publicly routable.
• You can identify Local IPv6 Addresses because they generally start with fe80:: - as opposed to publicly routable IPv6 addresses which start with 2xxx:: or 3xxx:: (where ‘x’ is some hexadecimal value).
• Test your IPv6 connectivity using the website https://test-ipv6.com
• The Windows implementation of IPv6 has a flaw that allows remote access to Windows systems without any user interaction.
• Microsoft released an update to fix the IPv6 flaw.
• You can identify Local (as opposed to Public) IPv4 addresses because they look like 10.x.x.x, 172.16.x.x to 172.31.x.x, and 192.168.x.x (where ‘x’ is some number 0-9)