Alert Name: Suspicious IP protocol
Alert ID: [redacted]
Severity: Medium
Source: XDR Analytics BIOC
Category: Defense Evasion
Action: Detected
Description: The process has attempted to send a packet with a 128-bit IP address. This can only mean there is an integer overflow in an IPv4 address & is commonly used by attackers to circumvent your beautifully crafted IPv4 firewall ruleset.
Host: [redacted]

@nyanbinary IPv6 is so off the radar it's not even funny. Combined with the surprisingly common misconception by tech nerds that IPv6 offers less protection than IPv4 NAT, this results in many an IPv6 setup being torn down.

I've seen cases where DDoS mitigation could be circumvented by using IPv6. No bonus points for guessing how that got resolved.

The IPv4 NAT misconception in particular drives me up the wall. NAT does diddly squat against commercial or malware-driven residential proxies, nor remote access trojans.