[OpenWrt-Devel] OpenWRT IPv6 firewall

Russell Senior russell at personaltelco.net
Sat Jul 19 21:20:37 EDT 2014

>>>>> "David" == David Lang <david at lang.hm> writes:

David> go do a tcpdump of your WAN interface some time, look at all
David> the attacks that are going on there (especially with an ISP
David> that's not blocking it for you)

Bear in mind, scanning an IPv6 network is a self-inflicted
denial-of-service attack.  The universe will end before you finish
testing the addresses on *one* /64 network.

If someone has your host's globally routable IPv6 address, e.g. from
observing your traffic, that's a bit different.  But otherwise, unless
you advertise your ipv6 address, it's very unlikely anyone is going to
guess it.

Russell Senior, President
russell at personaltelco.net
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list