Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Terredo Tunneling


  • Please log in to reply
6 replies to this topic

#1 dcol

dcol

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 21 October 2015 - 12:46 PM

Mod Edit:  Split from http://www.bleepingcomputer.com/forums/t/364732/teredo-tunneling-do-i-need-it/ , moved to Win 10 Support - Hamluis.

 

I know this is an old post but had to mention this. By the way, I am using Windows 10.

 

Definetely disable the Teredo tunnel. I was watching my network traffic recently and discovered traffic on this interface that went right to a MS Redmond IP address. There was no reason for MS to be sending packets to themseleves from my network except for unwanted reasons. I think it is a gateway tunnel to gather info on us.


Edited by hamluis, 21 October 2015 - 05:26 PM.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 AM

Posted 21 October 2015 - 12:51 PM

Hi dcol :)

The Teredo Tunneling Adapter isn't used as a "gateway tunnel" to forward data to Microsoft, it's a virtual adapter used to translate IPv4 to IPv6 communications and vice-versa. If this adapter was sending data back to Microsoft in Redmond, it means that the communication had to be translated first via that adapter, but it wasn't the one causing the communication in the first place.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:10:32 PM

Posted 21 October 2015 - 12:52 PM

I know this is an old post but had to mention this. By the way, I am using Windows 10.

 

Definetely disable the Teredo tunnel. I was watching my network traffic recently and discovered traffic on this interface that went right to a MS Redmond IP address. There was no reason for MS to be sending packets to themseleves from my network except for unwanted reasons. I think it is a gateway tunnel to gather info on us.

This topic hasn't had a post in five years.  I wouldn't hold my breath waiting for the op to respond.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 dcol

dcol
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 21 October 2015 - 04:54 PM

I have to disagree. I did not start any communication with MS. This happens from an idle system. I tested this with a fresh OS with no programs installed and all updates and feedback turned off.

I do not use IPv6 nor does any other device connected to this system. It was packets sent over that tunnel to MS and was not initiated by me. If you can think of a legit reason my computer would be sending data to MS over this tunnel, please enlighten me.



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 AM

Posted 21 October 2015 - 05:10 PM

You can read the following :)

http://appuals.com/microsoft-teredo-tunneling-adapter/

Also, Windows 10 have a lot of features that sends data back to Microsoft, even thought you disable some stuff. You need to disable all of it. Like I said, the Teredo Tunneling Adapter is only sending data because another service or process is sending it and that data needs to be translated first. It isn't responsible for the initial transmission.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 dcol

dcol
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 21 October 2015 - 05:20 PM

That's my point. Nothing should be sending data to MS via that port. And yes I disabled all of it. Try a packet sniffer and see. I guess it could be some diag data, but that is going without my consent.



#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 AM

Posted 21 October 2015 - 05:37 PM

Nothing should be sending data to MS via that port.


You don't seem to understand what this driver is used for. It cannot initiate communications, it simply translates them.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users