[OpenWrt-Devel] OpenWRT IPv6 firewall

Russell Senior russell at personaltelco.net
Sat Jul 19 21:20:37 EDT 2014


>>>>> "David" == David Lang <david at lang.hm> writes:

David> go do a tcpdump of your WAN interface some time, look at all
David> the attacks that are going on there (especially with an ISP
David> that's not blocking it for you)

Bear in mind, scanning an IPv6 network is a self-inflicted
denial-of-service attack.  The universe will end before you finish
testing the addresses on *one* /64 network.

If someone has your host's globally routable IPv6 address, e.g. from
observing your traffic, that's a bit different.  But otherwise, unless
you advertise your ipv6 address, it's very unlikely anyone is going to
guess it.


-- 
Russell Senior, President
russell at personaltelco.net
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list