[120267] in North American Network Operators' Group


Re: Consumer Grade - IPV6 Enabled Router Firewalls.

daemon@ATHENA.MIT.EDU (Steven Bellovin)
Tue Dec 15 00:11:56 2009

From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <4B2714F8.4050701@bogus.com>
Date: Tue, 15 Dec 2009 00:10:58 -0500
To: Joel Jaeggli <joelja@bogus.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Dec 14, 2009, at 11:47 PM, Joel Jaeggli wrote:

>
>
> Owen DeLong wrote:
>>>> UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
>>>>
>>>> You don't need UPnP if you're not doing NAT.
>>>
>>> wishful thinking.
>>>
>>> you're likely to still have a stateful firewall and in the consumer space
>>> someone is likely to want to punch holes in it.
>>
>> Yes, SI will still be needed.  However, UPnP is, at its heart a way to
>> allow
>> arbitrary unauthenticated applications the power to amend your security
>> policy to their will.  Can you possibly explain any way in which such a
>> thing is at all superior to no firewall at all?
>
> I'm a consumer, I want to buy something, take it home, turn it on and
> have it work. I don't have an IT department. How the manufacturers solve
> that is their problem.
>
> As a consumer my preferences for a security posture to the extent that I
> have one are:
>
> don't hose me
>
> don't make my life any more complicated than necessary
>
>> I would argue that a firewall that can be reconfigured by any applet a user
>> clicks on (whether they know it or not) is actually less useful than no
>> firewall because it creates the illusion in the user's mind that there is a
>> firewall protecting them.
>
> Stable outgoing connections for p2p apps, messaging, gaming platforms
> and foo website with JavaScript based rpc mechanisms have similar
> properties. I don't sleep soundly at night because the $49 buffalo
> router I bought off an endcap at frys uses iptables, I sleep soundly
> because I don't care.
>
Precisely.  And if you want to get picky, remember that "availability" is part
of the standard definition of security.  A firewall that doesn't let me play
Chocolate-Sucking Zombie Monsters is an attack on the availability of that
game, albeit from the purest of motives.

No, I'm not saying that this is good.  I am saying that in the real world, it
*will* happen.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb