Thus spake "Adrian Chadd" <[EMAIL PROTECTED]>
On Thu, May 31, 2007, JORDI PALET MARTINEZ wrote:
In windows, you have IPv6 firewall, so even if Teredo traverses
the "IPv4 security", there is still something there.
A good description of all this is available at:
http://www.microsoft.com/technet/network/ipv6/teredo.mspx
I've read that; but again enterprise and ISPs may impose restrictions
on the types of traffic to/from end users, and this circumvents that.
Host-based firewalls are not the be all or end all of network security.
The simplistic answer is that a site with IPv4-only security devices has to
choose whether they're going to allow or block all Teredo/6to4 traffic. If
they want finer control, they need to upgrade to a native v6 network and
native v6 security devices.
S
Stephen Sprunk "Those people who think they know everything
CCIE #3723 are a great annoyance to those of us who do."
K5SSS --Isaac Asimov
