turning off IPv6

[Scott Kitterman]

On Thu, 06 Jul 2006 23:19:20 +0100 Tony Arnold 
<tony.arnold at manchester.ac.uk> wrote:
>Derek,
>
>On Thu, 2006-07-06 at 15:57 -0300, Derek Broughton wrote:
>
>> > I presume you mean IPv6! If so, what problems? I have three Dapper 
boxes
>> > and I've not experienced any problems with IPv6.
>> 
>> That would work if your ISP has you behind an IPv6 capable router.  It 
would
>> seem that not all have bothered to join the 21st century.
>
>I'm not sure if IPv6 is in use on any of my machines! Certainly not at
>home because I'm behind a cheapish ADSL router which is most definitely
>v4 only. However, at work our network is v6 aware locally (not much
>traffic at the moment, but some). Shortly, our regional and national
>networks will be v6 native, hence my concern about potential security
>issues.
>
>I strikes me that some people are saying there are security concerns
>with IPv6 but no-one has pointed me to a specific example of a known
>exploit or even vulnerability, and that is what is bothering me with
>this whole discussion.
>

Does iptables work on IPv6?  The security tools are, AFAICT, relatively 
less mature for v6.

IPv6 has relatively little deployment (speaking of installed base, not new 
deployment rate) compared to IPv4.  There has been relatively less 
incentive to exploit it.

Personally, I understand a lot more about v4 than v6.

All of these are reasons from my point of view to approach with caution.  
It's not that there are known faults, but the experience base is so much 
less there is greater uncertainty.

Uncertainty = perceived risk

Do IPv6, but approach with due caution.  I don't worry about it since my 
upstream isn't v6 enabled, but if it were, I'd have some serious, quick 
studying to do.

Scott K