Questions tagged [ipv6]
IPv6 is the next generation protocol for Internet networking. IPv6 expands on the current Internet Protocol standard known as IPv4. Compared to IPv4, IPv6 offers better addressing, security and other features to support large worldwide networks.
69 questions
0 votes
1 answer
319 views
Is NAT66 increasing security?
NAT is so standard for IPv4 that nobody thinks about it but for IPv6 it's considered a really bad option. (Article from APNIC) Of course there's the stateless NPTv6 and the firewall can be configured ...
- 219
0 votes
0 answers
894 views
Suspicious incoming connection attempts from random IPv6 addresses on local network on macOS
I've been using Little Snitch on my Macbook and I have since a long time a rule to alert on any incoming IPv6 connection, which would be suspicious since I use IPv4 only. Since a couple of days I've ...
- 101
1 vote
1 answer
610 views
IPv6 address leaking despite VPN?
Given that commands like ifconfig or ip address don't require root privileges, apps can access information about ip address. If you use ipv4, you are normally behind NAT and apps would get an address ...
- 21
0 votes
2 answers
1k views
Disabling IPV6 firewall with IPV6 disabled
Our router (Asus RT-AC68U) has been slowing down our speeds, up until I disabled the IPV6 firewall (Went from 250 to 380, which is the modem cap for now). We've always had IPV6 disabled on the router, ...
- 3
1 vote
1 answer
320 views
Best methods to mitigate DDOS with changing IP sources
Source ip addresses can be spoofed. And because of IPv6 it is not enough to keep a look-up table of ip addresses that are excluded from visiting a website, because with ipv6 there are now enough ip ...
- 211
1 vote
0 answers
190 views
How to Prevent Attacker from Abusing IPv4-embedded IPv6 to Bypass Security Mechanism?
Section 5.3 of RFC6052 explained how an attacker could abuse the NAT64 translation mechanism to bypass security mechanism such as firewall or IDS/IPS if those devices only have an IPv4 blacklist. The ...
- 90
3 votes
1 answer
777 views
Is disabling IPv6 an effective workaround for "Bad Neighbor" Vulnerability (CVE-2020-16898)?
CVE-2020-16898 is a remote code execution vulnerability caused by the improper handling of ICMPv6 Router Advertisement packets by Windows TCP/IP stack. Microsoft's recommended workaround is to disable ...
0 votes
0 answers
269 views
What is the most restrictive way to allow IPv6 ICMP requests on iptables?
This is what I have so far but it is pretty open. *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -p ipv6-icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A OUTPUT -p ipv6-icmp -j ...
- 239
3 votes
1 answer
314 views
Privacy in P2P vs relayed connections for VoIP
I'm developing some sort of VoIP application for mobile devices for fun. I initially planned to rely on P2P connections only. I didn't want to use a relay server because I thought (1.) there would ...
0 votes
0 answers
328 views
Is it a Bad Idea™ to open all IPv6 ports for devices in an isolated guest network?
At home I have a dual-stack IPv4/IPv6 broadband connection, and I also have a wireless access point. The access point currently bridges all traffic into my LAN, which is not segmented in any way, so ...
- 1
1 vote
0 answers
299 views
When using VPN, why do LAN IPv6 Addresses disappear in router LAN status?
My DSL/WiFi router lists the IPv6 GU- and LL- Address for each connected device, alongside the device's MAC address. When a device uses VPN, these addresses disappear from the LAN status listing. ...
- 121
-1 votes
1 answer
170 views
Hiding rough whereabouts of a machine with IPv6, without using a proxy
Since I configured my smartphone Access Point Name (APN) of the type APN protocol from including the value IPv4 to including the value IPv4/IPv6, generally all different addresses I got after ...
user123574
-1 votes
1 answer
1k views
Are IPv4 more intuitively hard to track than IPv6?
I understand that it is easier for a human to intuitively figure out the alleged whereabouts of a machine if that machin's IP address is IPv6, rather than if its IPv4: For example, since I configured ...
user123574
1 vote
0 answers
379 views
Custom IPv6 network and security risks
I draw a custom network (I would use that for developing and testing, my ISP does not support IPv6), there IPv4 and IPv6 are present. 'A' device has firewall: incoming blocked, only accept access (SSH)...
1 vote
0 answers
138 views
Does a browsers' vpn feature securely modify my ipv6 address?
If I use inbuilt vpn feature of a browser, does it modify my ipv6 address, making me safe as far as my mac address is concerned ? OS - Ubuntu 16.04. Browser - Opera
- 11