Am Mittwoch, 25. Juni 2014, 19:23:44 schrieb Martin Rex:
IPv6 privacy addresses are security theater when the network prefix
is constant and the number of users sharing the prefix is tiny.
...ahh,
which is 'not' the case with (much) shorter IPv4 network prefixes and (much)
smaller address pools?!...
Seeing NAT as any kind of "network security" or "anonymity" feature is a major
reason for the major security and abuse problems within the internet today
(incl. bots and similiar you mentioned).
The fact that most users are not providing services on the net is not true at
all.
Alone all that "nice" stuff from Skype to TeamViewer whose major point is that
they "trick out" typical, non managed stateful inspection firewalls on NAT and
the fact that even most typical IT service providers are using and
recommending that crap for high risky scenarios shows that it is time to bring
up pressure to think about.
And if IPv6 will bring up this too - plus one point from me...
On the other hand - i have a lot of new internet app scenarios in mind which
are not practical today without a more flexible - access network transparent -
end user access to IP.
cheerioh,
Niels.
--
---
Niels Dettenbach
Syndicat IT & Internet
http://www.syndicat.com
PGP: https://syndicat.com/pub_key.asc
---
signature.asc
Description: This is a digitally signed message part.