[OpenWrt-Devel] IPv6 firewall and Port Control Protocol (Was: Barrier Breaker 14.07-rc1)
benoar at dolka.fr
Fri Jul 18 05:29:52 EDT 2014
Le jeudi 17 juillet 2014 à 17:03 -0700, David Lang a écrit :
> But the reality is that hackers and worms have shown that leaving systems
> exposed to the Internet is just a Bad Idea.
Do you mean, all the hackers and worms we see today despite all these
systems being behind blocking firewalls and NATs?
> link-local addressing isn't a good idea, because the average home will have
> three separate links (wired plus two bands of wireless), these can get bridged
> together, but that causes problems as well.
For this, you have ULA. It is available in OpenWRT and recommanded by
the RFCs cited earlier.
> But do you really want to see the news stories about how anyone running openwrt
> is vulnerable to $lastest_windows_exploit but people running stock firmware
This is nonsense, this will never happen as nobody cares about OpenWRT.
> Yes, it would be ideal if every host was locked down so that it was safe for
> them to be exposed.
They are exposed anyway, by other means.
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel