[AusNOG] Au IPv6 doubling?

Mark Smith markzzzsmith at gmail.com
Fri May 6 08:51:21 EST 2016 

On 6 May 2016 7:10 AM, "Mark Delany" <g2x at juliet.emu.st> wrote:
>
> On 06May16, Mark Smith allegedly wrote:
>
> > Possibly, and it doesn't matter.
> >
> > https://technet.microsoft.com/library/bb877979
> >
> > Every version of Windows since then has had a host firewall
>
> Exactly.
>
> I know this has been done to death, but the idea of an CPE firewall is
> becoming pretty meaningless as you have 10s or 100s of IP connected
> devices on the inside. All containing dubious software written by
> not-very-caring vendors, such as IP cameras that reach back outside
> the network to upload streams to dropbox.
>
> I think we have to start thinking of the home network as a naturally
> hostile environment - just as we do the wifi network at the local
> coffee shop.
>

I always wonder if and how often people who express this concern have and
do, without any concern or consideration, connect their laptop, smartphone
or tablet to cafe, conference, hotel, corporate or friends' networks
without first asking if there is a network firewall and then inspecting the
firewall rule set.

If the don't (and they probably don't) then they've been implicitly been
relying on host security to protect them, just haven't realised it yet.

If anything, I think the biggest threat to laptops, smartphones etc. are
completely unencrypted public WiFi networks (i.e. not even WEP) that are
"secured" using a portal. Sniffing that traffic is exceptionally easy on a
Linux host, as long as the Wifi card supports monitor mode. That is not a
special feature - it has come with the 3 laptop/desktop WiFi cards I've
bought since 2009 (including cheap TP-Link ones) and the NIC that came in
my 2013 Dell laptop, and I didn't specifically look for it as a feature
when buying.

Regards,
Mark.

>
> Mark.
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160506/c1ed707c/attachment.html>

More information about the AusNOG mailing list