Consumer Grade - IPV6 Enabled Router Firewalls.

Simon Perreault simon.perreault at viagenie.ca
Fri Dec 11 06:41:59 CST 2009


Mark Newton wrote, on 2009-12-11 03:09:
> You kinda do if you're using a stateful firewall with a "deny
> everything that shouldn't be accepted" policy.  UPnP (or something
> like it) would have to tell the firewall what should be accepted.

That's putting the firewall at the mercy of viruses, worms, etc. The firewall
shouldn't trust anything else to tell it what is good and bad traffic.

Simon
-- 
DNS64 open-source   --> http://ecdysis.viagenie.ca
STUN/TURN server    --> http://numb.viagenie.ca
vCard 4.0           --> http://www.vcarddav.org




More information about the NANOG mailing list