[nznog] Web Servers: Dual-homing or DNAT/Port Forwarding?

Jared Mauch jared at puck.nether.net
Wed Dec 11 01:32:49 UTC 2013


On Dec 10, 2013, at 8:27 PM, cb.list6 <cb.list6 at gmail.com> wrote:

> Correct. IPv6 correctly supports the end to end model.

Yes, if you know the IP address of my printer you can use up my toner (it’s already low) and paper.  Then again, It’s IPv6 so good luck finding it.  The first nibble is 2.  Let me know when you’ve found it.

:)

I’ve actually had to deal with too many networks that perform MITM or other activities that I actually find it useful to VPN to get a public, unfiltered IP address.

The days of a machine that are hit with malware in minutes/seconds are done.  The background radiation is still there, but it’s far more effective to use other methods (spam, social networks, ad networks, etc)…

Doesn’t mean that’s the only way, but many of the ‘easily exploitable’ methods from a decade ago are no longer there.

- Jared


More information about the NANOG mailing list