I'm now on IPv6? Was this automatic?

[Izlude]

Hey guys, while browsing (and logging into some stuff) I was given a warning that I was using a new IP address.  I checked My IP on google and was presented with an IPv6 address.  Never experienced this before... now that I think about it, about 2 days ago, the router did crap out and I had to unplug and reboot it.  After that I started using it as normal, no more issues.  I logged into these same sites after, no warning yet.   It just seems like it happened today, maybe a few hours ago.

Was this on part of my ISP switching me over, did windows change it, or is this the doing of some malware?  Scanned with a few programs, nothing detected.  Think it's safe to proceed to log into my sites?

[+Matthew S. Subscriber²]

Your ISP has IPv6 support, nothing to worry about.

[CrossCheck]

With Comcast, i am assigned both an IPv4 and an IPv6 address

[Izlude]

Thanks. Just wanted to be careful   Looks like it'll be ok from here on.

[PGHammer]

2 hours ago, CrossCheck said:

With Comcast, i am assigned both an IPv4 and an IPv6 address

This is, in fact, something that Comcast has been doing for years; Comcast is one of the first ISPs in North America to to support IPv6 across one hundred percent of its footprint.  (Notice that I specified *North America*; the Asians (and specifically NTT - Nippon Telephone and Telegraph among others) beat everybody - and primarily due to cell traffic.)  But why would an ISP do so?  Easily explainable - equipment management is a MUCH bigger PITA for a company the size of Comcast - let alone NTT or Verizon Wireless - which have far more equipment to manage - that NAT can no longer cut it.  What Comcast drops on customers - even residential customers - is typically a /32 or /24 - which even a prosumer router such as a Netgear WNDR3xxx series can mange with ease; not kidding - it was, in fact, one of the routers used in testing within the Comcast footprint.  In the case of Windows, IT has supported IPv6 back to Windows 2000 Service Pack 4 in production - more than a decade.

 

If your cable modem is an ARRIS Surfboard SB6183 or later AND your router supports IPv6 in its firmware (either native OR third-party. such as DD-WRT, OpenWRT, Tomato, etc.,) set your IPv6 settings on your router to Automatic detection; the router itself handles the rest - as will Windows, cell phones, etc. (Cell phones are - except for very old pre-Android cell phones - ready to rock; Android has supported IPv6 since (surprisingly) Ice Cream Sandwich - same is true of Apple iOS of the same age.  You should check for firmware updates for your router - they may ALSO be vulnerable to Spectre or Meltdown or other issues; I just grabbed the 1.08.94 firmware update for my WNDR3700v4 router; this update addresses WPA2 vulnerabilities.

Edited January 21, 2018 by PGHammer

[+BudMan MVC]

1 hour ago, PGHammer said:

they may ALSO be vulnerable to Spectre or Meltdown

So is he running untrusted code on his router?  Does he use his router as a vm host with different customers that might be able to sniff out other customers data on the cpu of the host?

 

While the updating of his routers firmware, etc.. is valid advice - that is going to fix or he should be concerned with meltdown or spectre on his router is a bit over the top..

 

While this is valid issue - its not the end of the world I have to get all my devices patched for this right this second.. Cloud providers that run VM hosts with different customers on the same hardware is the big risk here... Your PC, your router, your AP, etc. etc..  Your graphics card for that matter that all run cpus that are open to these problems - and yes should be addressed/mitigated when possible is not the end of the computing age sky is falling issue that many people seem to think it is..

 

What he should prob be interested in more is understanding IPv6 if he is going to use.. Make sure any firewalls he is using support it, that his rules are correct for the new ipv6 he is running.  To be honest - if he is not ready for ipv6 he should prob make sure its disabled from a security point of view... This would be a bigger concern to me than if his router patched for meltdown or spectre..

[PGHammer]

11 hours ago, BudMan said:

So is he running untrusted code on his router?  Does he use his router as a vm host with different customers that might be able to sniff out other customers data on the cpu of the host?

 

While the updating of his routers firmware, etc.. is valid advice - that is going to fix or he should be concerned with meltdown or spectre on his router is a bit over the top..

 

While this is valid issue - its not the end of the world I have to get all my devices patched for this right this second.. Cloud providers that run VM hosts with different customers on the same hardware is the big risk here... Your PC, your router, your AP, etc. etc..  Your graphics card for that matter that all run cpus that are open to these problems - and yes should be addressed/mitigated when possible is not the end of the computing age sky is falling issue that many people seem to think it is..

 

What he should prob be interested in more is understanding IPv6 if he is going to use.. Make sure any firewalls he is using support it, that his rules are correct for the new ipv6 he is running.  To be honest - if he is not ready for ipv6 he should prob make sure its disabled from a security point of view... This would be a bigger concern to me than if his router patched for meltdown or spectre..

BudMan - If Android and iOS devices have issues (and merely from posts over the last week, both do), then there is no reason that other non-Intel devices won't - the saying "assumptions are the mother of all muckups" applies.  I recommend the routers and cable modems I stated BECAUSE their SPI firewalls do cut the ketchup (in the case of ARRIS, nothing earlier does and got moved to EOL besides) .