On 2014-04-27 09:04, Klaus Ethgen wrote:
And exactly that is the problem with IPv6. Due the dynamic nature of
IPv6, you might be reachable from the net by accident if you have IPv6
enabled. If you don't use it and don't address it security wise the
same
that you do IPv4, you will be screwed. And let me note that most people
have good firewall for IPv4 but none for IPv6, simply for the reason
they do not have it on there radar.
You can also turn off the automatic configuration bits.
Thats the reason why I have IPv6 switched of completely on most of my
devices (except some experimental where I want to play with IPv6 that
is
fare from good enough to use in productive environment).
And even more, it is good security praxis to have unused stuff at least
switched of or better not even installed or compiled in. So, I believe
that this bug even affect many people that uses mtr on debian; at least
that ones who care about secure systems.
I know that people argue that way. But I still doubt that many people
are affected. Anyway, feel free to provide a patch. :)
Kind regards
Philipp Kern
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
