Re: portsentry(1) and ipv6?

To: John Conover <conover@rahul.net>
Cc: debian-user@lists.debian.org
Subject: Re: portsentry(1) and ipv6?
From: Dan Ritter <dsr@randomstring.org>
Date: Sat, 12 Sep 2020 08:08:49 -0400
Message-id: <[🔎] 20200912120849.GK26101@randomstring.org>
In-reply-to: <[🔎] 20200912070252.29716.qmail@rahul.net>
References: <[🔎] 20200912070252.29716.qmail@rahul.net>

John Conover wrote: 
> 
> Does portsentry(1) make any sense in systems with ipv6 connectivity?
> 

Yes and no. If you want to know that machines are scanning
ports, yes. If you want to effectively block IPs, no.

You can, of course, block well known IPv6 addresses -- I block
Google's DNS resolvers on my house network -- but it's not even
a trivial barrier for attackers.

-dsr-

Reply to:

Follow-Ups:
- Re: portsentry(1) and ipv6?
  - From: Fabrice Bauzac <noon@mykolab.com>

References:
- portsentry(1) and ipv6?
  - From: conover@rahul.net (John Conover)

Prev by Date: Re: spurious CR/LF on tty (was: how to remove GUI)
Next by Date: Re: Why does Debian not include POSIX-specified commands like bc and ed by default?
Previous by thread: portsentry(1) and ipv6?
Next by thread: Re: portsentry(1) and ipv6?
Index(es):
- Date
- Thread