On Wed, Feb 23, 2011 at 11:42:37PM +1100, Andrew McGlashan wrote: > Well .... NAT does have it's advantages, one being that it can act > as a reasonably good barrier as a NATural firewall. Sure, it's not > perfect, but if you have every device with IPv6 (or v4 for that > matter) being addressable from any location, then personal firewalls > will become much more important.
Fix the border gateway. It's a strange myth that suddenly with IPv6 all the security falls down. I'd recommend [1] for a good overview of the NAT and security implications, and for this case here section 4.2. Since most of these routers used at home need at least a firmware update there's the chance to roll out some stateful firewall for IPv6 as a default. I see some oportunity here to get back to kind of a 'real' internet. On the other hand a lot of these devices seem to be Linux based nowdays, Linux 2.4.x that is, so I guess only the diverse hardware it's running on holds back mass exploitation. :-/ Sven [1] http://tools.ietf.org/html/draft-ietf-v6ops-nap-06 -- And I don't know much, but I do know this: With a golden heart comes a rebel fist. [ Streetlight Manifesto - Here's To Life ] -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110223130936.GC2058@marvin