Mailinglist Archive: opensuse (933 mails)

< Previous Next >
Re: [opensuse] IPv6 firewall
  • From: G T Smith <grahamsmith@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 07 Jun 2010 10:00:11 +0100
  • Message-id: <4C0CB51B.6030304@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

James Knott wrote:
G T Smith wrote:
Hmm... this not so much a lesson but a failure of service. How many
consumer users are actually able to discover this, let alone understand
the implications.



Fortunately, with IPv6, the address range is so huge and likely to
always be sparsely populated, that pinging on a bunch of addresses, to
find a target, will be futile. Attackers will have to intercept an
address somehow, to be able to find something to attack.

Who actually uses only numeric addresses to access devices? There is a
huge numeric address space but a slightly more specific name space.
Broadcast and crawling attacks are also not the only way to glean info
on vulnerabilities. If you have a hole is wise to assume that someone
will not find and use it?


- --
==============================================================================
I have always wished that my computer would be as easy to use as my
telephone.
My wish has come true. I no longer know how to use my telephone.

Bjarne Stroustrup
==============================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAkwMtRsACgkQasN0sSnLmgJgAACfZZ6Ygu4wmdBYV3cqnvigt8A3
8c0An0fPfq8lTrREGRXGF12N+CbQhmvU
=K0lc
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >