[134643] in North American Network Operators' Group
Re: IPv6 - real vs theoretical problems
daemon@ATHENA.MIT.EDU (Sam Stickland)
Sat Jan 8 12:11:28 2011
In-Reply-To: <8D806878-5D6E-4ABB-BDD9-9E6A58F33D77@arbor.net>
Date: Sat, 8 Jan 2011 17:11:23 +0000
From: Sam Stickland <sam_mailinglists@spacething.org>
To: "Dobbins, Roland" <rdobbins@arbor.net>
Cc: Nanog Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sat, Jan 8, 2011 at 2:00 AM, Dobbins, Roland <rdobbins@arbor.net> wrote:
>
>
> If it's inappropriately placed in front of servers, where's there's no
> state to inspect and were the stateful nature of the device in and of itself
> forms a DoS vector, it has negative security value; i.e., it makes things
> far worse.
Roland, I'm missing something here. Why do you say there is zero state at
the server, but the not at the client? (Because of all the servers TCP/UDP
ports are well known perhaps?)
Sam
