The tool, dubbed VoodooNet or v00d00n3t, uses the ability of most computers to encapsulate next-generation network traffic, known as Internet Protocol version 6 (IPv6), inside of today's network communications standard, or IPv4. Because most security hardware appliances and host-based intrusion detection programs have not been programmed to inspect IPv6 packets in depth, data can bypass most network security, said independent security researcher Robert Murphy, who presented the tool at the DEFCON hacking conference last weekend.

"Most network hardware only knows to pass the traffic along," Murphy said. "For example, the Windows firewall does not handle IPv6 so these packets pass right though." The tool takes advantage of a lack of understanding of many of the issues that the next-generation network data standard poses to organization's network security. The U.S. federal government and many major corporations are transitioning to the standard by the end of the decade. The U.S. Department of Defense and the White House's Office of Management and Budget have mandated that the military services and federal agencies move their backbone systems to IPv6 by June 30, 2008.

The link for this article located at SecurityFocus.com is no longer available.