[135040] in North American Network Operators' Group
Re: Is NAT can provide some kind of protection?
daemon@ATHENA.MIT.EDU (Leen Besselink)
Sat Jan 15 09:20:11 2011
Date: Sat, 15 Jan 2011 15:19:17 +0100
From: Leen Besselink <leen@consolejunkie.net>
To: Joel Jaeggli <joelja@bogus.com>
In-Reply-To: <4D31A8B3.70201@bogus.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 01/15/2011 03:01 PM, Joel Jaeggli wrote:
> On 1/15/11 1:24 PM, Leen Besselink wrote:
>
>> I'm a full supported for getting rid of NAT when deploying IPv6, but
>> have to say the alternative is not all that great either.
>>
>> Because what do people want, they want privacy, so they use the
>> IPv6 privacy extensions. Which are enabled by default on Windows
>> when IPv6 is used on XP, Vista and 7.
> There aren't enough hosts on most subnets that privacy extensions
> actually buy you that much. sort of like have a bunch of hosts behind a
> single ip, a bunch of hosts behind a single /64 aren't really insured
> much in the way of privacy, facebook is going to know that it's you.
>
Now this gets a bit a offtopic, but:
If you already have a Facebook account, any site you visit which has
"Facebook Connect" on it usually points directly at facebook.com for
downloading the 'Facebook connect' image so the Facebook-cookies have
already been sent to Facebook.
Why would Facebook care about your IP-address ?
>> And now you have no idea who had that IPv6-address at some point
>> in time. The solution to that problem is ? I guess the only solution is to
>> have the IPv6 equivalant of arpwatch to log the MAC-addresses/IPv6-
>> address combinations ?
>>
>> Or is their an other solution I'm missing.
>>
>>
