Worth reading https://ris.utwente.nl/ws/portalfiles/portal/83243381/thesis_L_Hendriks.pdf
I quote a section of their conclusion: "While we did not observe any attacks specific to the new protocol itself, we found misconfigured systems to be a common problem. In the DNS for example,incorrect AAAA records render thousands of services that are perfectly reachableover IPv4, unreachable over IPv6. Another example are firewalls, that are often incorrectly configured to handle traffic containing Extension Headers, resulting in the possibility to bypass that firewall. This means SSH daemons, used to remotely configure hosts and devices behind that firewall, are suddenly reachable,thus imposing a security risk." -- Willy Manga @ongolaboy https://ongola.blogspot.com/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ AfrIPv6-Discuss mailing list AfrIPv6-Discuss@afrinic.net https://lists.afrinic.net/mailman/listinfo/afripv6-discuss