misunderstanding scale

Mark Tinka mark.tinka at seacom.mu
Mon Mar 24 06:38:27 UTC 2014


On Sunday, March 23, 2014 09:35:31 PM Denis Fondras wrote:
 
> When speaking of IPv6 deployment, I routinely hear about
> host security. I feel like it should be stated that this
> is *in no way* an IPv6 issue. May the device be ULA,
> LLA, GUA or RFC1918-addressed, the device is at risk
> anyway.
> 
> If this is the only argument for delaying IPv6
> deployment, this sounds more like FUD to me ;-)

I guess it's no surprise that host security is not an IPv4 
or IPv6 issue.

It's just that with IPv4, the majority of unclean and 
unupdated hosts have been living behind NAT44.

In an ideal IPv6 world, all hosts have GUA's, and in this 
case, host security becomes a bigger problem, because now 
the host is directly accessible without a NAT66 in between 
(we hope).

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140324/eff8933a/attachment.sig>


More information about the NANOG mailing list