[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space

Subject: v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
From: trejrco at gmail.com (TJ)
Date: Tue, 10 Feb 2009 08:57:28 -0500
In-reply-to: <[email protected]>
References: <[email protected]>

>However the PCI DSS does contain a "Compensating controls" section, which
>allows for the use of functionality which "provide[s] a similar level of
>defense" to the stated requirements, where the stated requirements can not
>be followed due to "legitimate technical or documented business
constraints"
>
>Now the fact that RFC1918 addresses don't work with IPv6 is clearly a
>"legitimate technical ... constraint", so as long as you could successfully
>argue that a stateful firewall or other measures in place provided
>equivalent security as NAT you should be fine.


Excellent loophole!
Although I wonder how many clueful auditors are out there and able to make
this fly ...

References:
- v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
  - From: scott at doc.net.au (Scott Howard)

Prev by Date: v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
Next by Date: IPv6 delivery model to end customers
Previous by thread: v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
Next by thread: Seeking FIOS tech support with two (or more) brain cells
Index(es):
- Date
- Thread