Mailinglist Archive: opensuse (1599 mails)

< Previous Next >
Re: [opensuse] ipv4 Firewalls & ipv6: ipv6 encapsulate in ipv4 -> security hole?
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Mon, 26 Oct 2009 12:09:14 +0100
  • Message-id: <hc400q$tgl$2@xxxxxxxxxxxxxxxx>
Linda Walsh wrote:

Adam Tauno Williams wrote:
That is the purpose of a firewall.
---
Speaking of which...how do exsiting ipv4 firewalls interact
with IPV6?

Most probably they don't. For instance, iptables deals only with IPv4,
ip6tables with IPv6.

Many of the ipv6 solutions I see use ipv4 some for of encapsulation to
get across "ipv6-dead zones".

So isn't that an open path into your network if your firewall
is ipv4 only? Or are all firewalls easily upgraded to ipv6?...

If you're connected to IPv6 and your firewall doesn't set up any rules
for IPv6, then yes, you're wide open.


/Per

--
Per Jessen, Zürich (12.1°C)

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups