IPv6 uptake (was: The Reg does 240/4)

• Previous message (by thread): IPv6 uptake (was: The Reg does 240/4)
• Next message (by thread): IPv6 uptake (was: The Reg does 240/4)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 16, 2024 at 5:22 PM Michael Thomas <mike at mtcc.com> wrote:
> On 2/16/24 5:05 PM, William Herrin wrote:
> > Now, I make a mistake on my firewall. I insert a rule intended to
> > allow packets outbound from 2602:815:6001::4 but I fat-finger it and
> > so it allows them inbound to that address instead. Someone tries to
> > telnet to 2602:815:6001::4. What happens? Hacked.
>
> Yes, but if the DHCP database has a mistake it's pretty much the same
> situation since it could be numbered with a public address.

Um. No. You'd have to make multiple mistakes cross-contaminating your
public and private ethernet segments yet somehow without completely
breaking your network rendering it inoperable.


> NAT is not without its own set of problems,

NAT's problems are legion. But the question was whether and how NAT
improves the security of a network employing it.

Regards,
Bill Herrin


-- 
William Herrin
bill at herrin.us
https://bill.herrin.us/

• Previous message (by thread): IPv6 uptake (was: The Reg does 240/4)
• Next message (by thread): IPv6 uptake (was: The Reg does 240/4)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]