Re: IPV6 renumbering painless?

• From: Christopher L. Morrow
• Date: Sat Nov 13 22:10:56 2004

On Sat, 13 Nov 2004, Iljitsch van Beijnum wrote:
> On 13-nov-04, at 10:02, Henning Brauer wrote:
>
> Filtering based on IP addresses is a broken concept.
>
> I'm not a huge fan of sprinkling crypto over everything, but if you
> want certain people to have access to some stuff and not others,
> IPsec/SSL are the way to go.

there are things putting random packets over the network today, trying to
exploit services you might be using, or your customers might be using.
IPSEC everywhere is 'nice' but not horribly practical. SSL is nice, until
your SSL libraries have remotely exploitable DoS or root
vulnerabilities... how many times over the last 12 months has openssl been
upgraded due to 'security' issues?

• Follow-Ups:
  • Re: IPV6 renumbering painless? Alexei Roudnev

• References:
  • IPV6 renumbering painless? Michael.Dillon
  • Re: IPV6 renumbering painless? Kevin Oberman
  • Re: IPV6 renumbering painless? Daniel Roesen
  • Re: IPV6 renumbering painless? Simon Leinen
  • Re: IPV6 renumbering painless? Daniel Roesen
  • Re: IPV6 renumbering painless? Owen DeLong
  • Re: IPV6 renumbering painless? Henning Brauer
  • Re: IPV6 renumbering painless? Iljitsch van Beijnum

• Prev by Date: Re: How to Blocking VoIP ( H.323) ?
• Next by Date: RE: The Cidr Report
• Date Index
• Thread Index
• Author Index
• Historical