[AusNOG] IPv6 excuses
Noel Butler
noel.butler at ausics.net
Mon May 30 12:38:03 EST 2016
On 29/05/2016 11:52, Mark Newton wrote:
>> You might argue that end users should deal with this themselves, but
>> many end users are either incapable or uninformed, and if it's trivial
>> to provide protection at the CPE with minimal impact, how is this a
>> bad
>> idea?
>
> Is this seriously an excuse for not deploying IPv6? That IPv6 should
> not be
> deployed because people on the IPv4 internet suffer application-based
> attacks?
>
ISP's do not block traffic to any IPv4 address to "protect" end users,
they might block odd ports, say 25, etc, but thats not to protect E/U,
its to stop E/U running mail servers, Optusnet did this when Singtel
took them over from C&W back in 2000, but I don't think even they do
know...
If your ISP isn't (and they aint) responsible for protecting E/U on IPv4
why do some think they should on IPv6....
NAT offers limited security by accident, it wasn't AFAIK a deliberate
design "selling point", I have security camera network at home, its
system talks automagically opens its port to the world by default.. so
those on IPv4 who think they are protected, likely have little idea as
to how little they are...
I would rather my ISP not fsck with my connection - its up to me to
secure my devices
So Marks right, its hardly a reason, in fact, its bottom of the barrel
lazy excuse.
PS
Yes, my camera network is secured :)
PPS
No I dont have native IPv6 (/me looks at TPG)
--
If you have the urge to reply to all rather than reply to list, you best
first read http://members.ausics.net/qwerty/
More information about the AusNOG
mailing list