[125803] in North American Network Operators' Group
Re: Rate of growth on IPv6 not fast enough?
daemon@ATHENA.MIT.EDU (Clue Store)
Fri Apr 23 09:55:35 2010
In-Reply-To: <4BD1A33D.60205@jsbc.cc>
Date: Fri, 23 Apr 2010 08:54:58 -0500
From: Clue Store <cluestore@gmail.com>
To: Jim Burwell <jimb@jsbc.cc>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>
>
>
> > I'm just saying it's one valid
> > security issue with using any sort of globally unique IP address (v4
> > or v6), in that analyzing a bunch of traffic from a particular
> > netblock would allow one to build a topology map. It's easier with
> > IPv6 since you can presume most if not all addresses are on /64s out
> > of a /48 (so look to the fourth quad for the "subnet ID").
>
> I understand and totally agree.
> > Obviously if someone is super concerned with revealing this sort of
> > info there are other things besides NAT they can do, such as using a
> > proxy server(s) for various internet applications, transparent
> > proxies, etc. But it is a valid security concern for some.
>
> Could not agree more which is why I stated that there are other ways of
> accomplishing the "hiding internal topology" using other methodoligies.
> NAT/PAT has caused me many headaches which is why I am so opposed to using
> it.
> > Also, is that your real name? ;-)
>
No, but this list is great for buying and selling clue. In today's market,
clue is equivalent to gold. :)
