[GRLUG] IPv6: My views
Adam Tauno Williams
awilliam at whitemice.org
Fri Jun 8 16:29:50 EDT 2012
On Fri, 2012-06-08 at 15:25 -0500, L. V. Lammert wrote:
> > On Fri, 2012-06-08 at 16:02 -0400, detrix42 at gmail.com wrote:
> > > Hello everyone. About three months ago I look around to see if there
> > > were any IPv6 ready home routers.
> > No, it is *NOT* a security issue. It is *NOT* a security issue.
> Sorry, that is very shortsighted and elitist!
Yes, truth can be that way.
> If you have public ports
> that need to transit the 'boundary', then fine, a firewall is required.
No, a firewall is always required.
> However, for 99% of the SOHO/Home users, NAT is EXTREMELY valuable
> security,
No, it adds nothing at all to their security.
BLOCK ALL INGRESS.
PERMIT STATEFUL EGRESS.
Done, secure, and with far fewer caveats than [ NAT + IPv4 w /
protocol_specific_hacks + hopeless_broken_multicast ].
> something that protects against a significant number of threats.
NAT does not protect you.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://shinobu.grlug.org/pipermail/grlug/attachments/20120608/5f143324/attachment.pgp>
More information about the grlug
mailing list