Carlos E. R. wrote:
On 2023-04-22 22:35, James Knott wrote:
On 2023-04-22 16:27, Carlos E. R. wrote:
IPv6 has a security advantage in that with such a huge address space, it's extremely difficult for an attacker to find anything to attack. For example, you have a /64 prefix, which is 18.2 billion, billion addresses. This is the entire IPv4 address space squared. Out of that you will have at most a few dozen addresses. An attacker can scan all day, every day and not find anything. In contrast, with IPv4, it's not hard to find a target.
It is not that difficult. The suffix is the MAC address, which can be found by reading my posts from the past.
The MAC is used only if you configure your computers to use it. Otherwise, a random number is used.
I configured nothing. All my (openSUSE) machines are apparently using the MAC suffix.
Check out the use_tempaddr setting, /proc/sys/net/ipv6/conf/*/use_tempaddr. 1 - use the EUI-64 (MAC-based) address for outbound traffic. 0 - don't generate a privacy address 2 - use the privacy/random address for outbound traffic., (okay, that's from memory, better double check).
Even if the MAC is used, it's not used on any outgoing traffic. Outgoing connections use a privacy address, which is based on a random number and changes daily
See above.
The prefix could be obtained from my email headers, but postfix is using IPv4 still.
If your machine has a public ipv6 address and an mx or your relay has ipv6, postfix will use ipv6, unless explicitly disabled. -- Per Jessen, Zürich (15.8°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes