Re: IPv6 in Debian

To: debian-release@lists.debian.org
Subject: Re: IPv6 in Debian
From: Bastian Blank <waldi@debian.org>
Date: Tue, 31 Jul 2007 12:07:55 +0200
Message-id: <[🔎] 20070731100755.GB12885@wavehammer.waldi.eu.org>
Mail-followup-to: debian-release@lists.debian.org
In-reply-to: <[🔎] 200707301126.21024.mgb-debian@yosemite.net>
References: <Pine.LNX.4.64.0707292206060.4120@localhost> <20070729205221.GF16638@ftbfs.de> <[🔎] Pine.LNX.4.64.0707292317430.4558@localhost> <[🔎] 200707301126.21024.mgb-debian@yosemite.net>

On Mon, Jul 30, 2007 at 11:26:20AM -0700, Mike Bird wrote:
> I would add only one point to Tomas Pospisek's excellent
> analysis.  Without diligent precautions, IPv6 is horribly
> insecure.  You thought your firewall protected you, but
> now "apt-get dist-upgrade" will open your protected apps
> to the outside world.

No. You need to configure ipv6 connectivity also. And a packetfilter
which works as "drop something, accept the rest" are known as
problematic anyway.

Bastian

-- 
Earth -- mother of the most beautiful women in the universe.
		-- Apollo, "Who Mourns for Adonais?" stardate 3468.1

Reply to:

References:
- Re: IPv6 in Debian
  - From: Tomas Pospisek <tpo@sourcepole.ch>
- Re: IPv6 in Debian
  - From: Mike Bird <mgb-debian@yosemite.net>

Prev by Date: Re: IPv6 in Debian
Next by Date: Re: IPv6 in Debian
Previous by thread: Re: IPv6 in Debian
Next by thread: Re: IPv6 in Debian
Index(es):
- Date
- Thread