Mailinglist Archive: opensuse (933 mails)

< Previous Next >
Re: [opensuse] IPv6 firewall
  • From: James Knott <james.knott@xxxxxxxxxx>
  • Date: Sun, 06 Jun 2010 10:32:29 -0400
  • Message-id: <4C0BB17D.2070204@xxxxxxxxxx>
Hans Witvliet wrote:
He noticed that he got from his ISP directly, both a V4 AND a V6
address, without even being told about the possibility!
Did he actually get an IPv6 address from the ISP? Or did he just notice the link local IPv6 address. A quick test for IPv6 internet is to try to go to ipv6.google.com.

So the lesson for lot's of people: even if you're not using (knowingly)
IPv6, configure your firewall for it.
My Linux box firewall is configured to pass only ssh, OpenVPN and the 6to4 tunnel on IPv4. When I port scan my computers that are behind the firewall, but have an IPv6 address, I can see all the open services, not just those I want available on the internet. That's something I'll have to get around to resolving soon.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups