Comcast enables 6to4 relays

Jack Bates jbates at brightok.net
Tue Aug 31 16:07:34 UTC 2010


Jeroen Massar wrote:
> 
> Jack: there are a lot more methods to infect a host than this as there
> are lots and lots of p2p protocols which are being used by C&C botnets.
> And never forgot about this very simple protocol called HTTP(S).
> 

I agree, though let's consider HTTP. If a firewall is set to filter it, 
yet you are tunneling through with IPv6, you've bypassed your HTTP 
filters which may, among other things, provide AV protection. I 
recognize that there are plenty of ways to infect a machine. My concern 
is that teredo can bypass firewall security and relies upon host 
security to protect the computer. Unfortunately, not everyone utilizes 
host security and has dependence on network firewalls.



Jack




More information about the NANOG mailing list