Mailinglist Archive: opensuse (1599 mails)

< Previous Next >
Re: [opensuse] ipv4 Firewalls & ipv6: ipv6 encapsulate in ipv4 -> security hole?
On Sun, 2009-10-25 at 20:44 -0700, Linda Walsh wrote:

So isn't that an open path into your network if your firewall
is ipv4 only? Or are all firewalls easily upgraded to ipv6?...

I'm a bit unclear on this -- seems like opening ipv6 inside my ipv4
network is a potentially large and "unmonitorable" security hole, since I
can't even see the address as the firewall.

Yes,

This is exactly what i found on a local forum.

A Dutch cable-provider started to provide v6 besides v4, and people
unexpectedly found that their M$ machines suddenly had an public IPv6
address. Scarry, not? Mostly because they were in the very false
assumption that their machines had an (unroutable) rfc1918 address, and
an firewall dealing with ipv4.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >