Arguing against using public IP space

• Previous message (by thread): Arguing against using public IP space
• Next message (by thread): Arguing against using public IP space
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

William Herrin wrote:
> If your machine is addressed with a globally routable IP, a trivial
> failure of your security apparatus leaves your machine addressable
> from any other host in the entire world which wishes to send it

Isn't that the case with IPv6? That the IP is addressable from any host 
in the entire (IPv6) world? And isn't that considered a good thing?

I don't think that being addressable from anywhere is a security hole in 
and of itself. It's how you implement and (mis)configure your firewall 
and related things that is the (potential) security hole. Whether the IP 
is world addressable or not

> with all your stuff. Yet when you forget to throw the deadbolt, it
> does stop an intruder from simply turning the knob and wandering in.

Personally I prefer car analogies when it comes to explaining (complex) 
computer matters. ;-)

Greetings,
Jeroen

-- 
Earthquake Magnitude: 5.2
Date: Monday, November 14, 2011 22:08:15 UTC
Location: eastern Turkey
Latitude: 38.6644; Longitude: 43.0993
Depth: 10.00 km

• Previous message (by thread): Arguing against using public IP space
• Next message (by thread): Arguing against using public IP space
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]