turning off IPv6

Alexander Skwar listen at alexander.skwar.name
Thu Jul 6 13:38:06 UTC 2006 

Christofer C. Bell wrote:
> On 7/6/06, Alexander Skwar <listen at alexander.skwar.name> wrote:
>> Christofer C. Bell wrote:
>> > On 7/5/06, Noah Dain <noahdain at gmail.com> wrote:
>> >>
>> >> And by that line of reasoning, every daemon available should be
>> >> running and listening on all interfaces by default.  But we don't do
>> >> that, do we?
>> >
>> > Nice strawman.
>>
>> Ah - there we are. Calling arguments from other people "strawman".
> 
> It is a strawman.  Comparing network protocol support in the kernel to
> a userspace server daemon (eg; httpd, ftpd, etc) is a non-starter.

No, it's not. It's a good comparison.

> There is no comparison.  His position is that ipv6 is a security
> problem.

Yep.

>  My position is that it is not.

Why not?

>  Those two positions can be
> directly discussed without the use of invalid comparisons.

You're right. That's what he did.

My position is, that every unneeded piece of software poses a
potential security risk. This includes userspace daemons (httpd, ftpd, etc)
and kernel modules - as I said: *every* software.

Why is it "invalid" to compare an a http daemon that's running without
a need, to running ipv6 without a need?

>> > One doesn't have to recompile their kernel to enable a
>> > service daemon.
>>
>> One doesn't have to recompile the kernel to enable IPv6 either, so,
>> if there's a strawman, you just created one.
> 
> Compiling kernel code is necessary to enable ipv6 if it's not already
> compiled for you by the distribution maintainer.

Compiling kernel code is necessary to enable remote access to httpd.
I don't see your point.

>  Anyway, please see
> my other message in which I ask you to show me where in my
> /etc/modules the ipv6 kernel module is being loaded. 

As I answered there: You're right, it's not in /etc/modules. Do
a "grep -r 'alias net-pf-10' /etc" to find the file. I don't know
the *exact* file name right now (no Ubuntu/Debian available). It's
something like /etc/modprobe.d/aliasses.

> I can't seem to find it in there.

Look closer.

>  Thanks for your help.

No problem!

Alexander Skwar
-- 
The more laws and order are made prominent, the more thieves and
robbers there will be.
		-- Lao Tsu

More information about the ubuntu-users mailing list