On Tue, 18 Dec 2007 15:49:18 GMT "Paul Ferguson" <fergdawg@netzero.net> wrote:
-- "Christopher Morrow" <morrowc.lists@gmail.com> wrote:
On Dec 17, 2007 9:59 PM, Paul Ferguson <fergdawg@netzero.net> wrote:
And in fact, "threat propagation" in a v6 world may actually be worse than expected, and naiveté may actually contribute to a larger-scale attack, given the statistical possibility of potentially more victims.
naivete because folks believe the 'v6 is more secure' propaganda? or some other reason?
Yes. :-)
Address space size, and proximity, may well be red herrings in this discussion.
can you expand on this some?
Someone else mentioned "self-infliction" in this thread, and that's spot on.
Over the course of the past year or more, we've seen less & less "scanning & self-propagating" malware, and more & more self-infliction, either by being duped via social engineering or just by drive-by infections/compromises.
As it stands, now -- and unless the pendulum swings the other way -- the whole "...v6 address space is larger, thus it is much harder to scan and thus propagation of worms is much harder..." train of thought is completely misguided.
It has been for quite a while - and so has NAT/NAPT = IPv4 security, for exactly the same reason. Some people say IPv6 isn't necessary because of IPv4 NAT/NAPT being available, and then when they say why, it's commonly because of the supposed "security" of IPv4 NAT/NAPT that'd be "lost" when moving to no-NAT IPv6.

Regards,
Mark.

--
"Sheep are slow and tasty, and therefore must remain constantly alert." - Bruce Schneier, "Beyond Fear"