misunderstanding scale

Mark Andrews marka at isc.org
Mon Mar 24 01:14:55 UTC 2014


In message <CAN3um4wnMPW=BQ6ec_=NH-Ua50Nn3QL9T+NXdo-ADNzCJHKQYQ at mail.gmail.com>
, Mike Hale writes:
>  "I wasn't aware that calling out FUD was derisive, but whatever."
> It's derisive because you completely dismiss a huge security issue
> that, given the state of IPv6 adoption, a great majority of companies
> are facing.
> 
> Calling it FUD is completely wrong because it *is* a legitimate
> security issue for most businesses.  Sure, you've got the few who have
> been able to properly plan for and secure their networks against the
> increased attack surface of IPv6, but again...most companies haven't.
> 
> Slinging false proclamations of FUD is as harmful as FUD itself.

And there are security issues with IPv4 but no one is saying don't
deploy IPv4 because there are security issues.  There are security
issues with just about everything.  Most of them are rare and have
mitigations.

Saying there are security issues without enumerating them is FUD.

There is a security issue with DHCP, there is no authentication of
the server.  For 99.99% of sites this is a non issue.  For those
where it is a issue there are mitigation strategies.  This doesn't
stop it being a security issue.

> On Sun, Mar 23, 2014 at 4:49 PM, Timothy Morizot <tmorizot at gmail.com> wrote:
> > On Mar 23, 2014 6:21 PM, "Paul Ferguson" <fergdawgster at mykolab.com> wrote:
> >> Says you.
> >
> > And many others. My comments were actually reiterating what I commonly see
> > presented today.
> >
> >> On the other hand, there are beaucoup enterprise networks unwilling to
> >> consider to moving to v6 until there are management, control,
> >> administrative, and security issues addressed.
> >
> > Whereas there are other enterprise networks, including mine, who are
> > actively deploying IPv6 and have been for a number of years now. So unless
> > you can come up with something truly novel that we haven't already dealt
> > with, I'll stick by my use of FUD.
> >
> >> You can continue to deride our issues, and make derisive comments
> >> until your heart's content, but it does not change reality.
> >
> > I wasn't aware that calling out FUD was derisive, but whatever.
> >
> > Cheers,
> >
> > Scott
> 
> 
> 
> -- 
> 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the NANOG mailing list