Comcast enables 6to4 relays
Jeroen Massar wrote:
> just remember that a lot of people have VPN software, connect from home
> to that VPN and do other weird setups (Skype for instance, BitTorrent)
> where there are possibilities to bypass your "firewall".
>
I agree. My concern here is that we are dealing with improper firewalls.
We are dealing with ignorance, and we have M$ enabling Teredo by default
(though not active until they install the appropriate app). Creating
what is essentially a public VPN through a firewall without the user
being aware of it is insecure. For all the wonderful popups that Vista+
gives, it amazes me that Teredo isn't one of them.

6to4 doesn't suffer the same issues, primarily because RFC1918
addressing can't be used in 6to4. This means that at a minimum, the
router has to participate or the host behind it must be manually
configured with a 6to4 address (for the proto 41 pass through to work).
Neither is an automatic traversal of the router's policies without user
knowledge.
Jack
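
The addressing point in the message above, as an added example that is not part of the original post: a 6to4 prefix is 2002::/16 followed by the site's IPv4 address, so an RFC1918 address yields no routable prefix, while a Teredo address (2001:0::/32) carries the server and the NAT-mapped client address. The function names are hypothetical and the sample addresses are constructed from documentation ranges; the script can be used to audit addresses seen on hosts behind a firewall.

```python
import ipaddress

# RFC 1918 private ranges, which cannot form a usable 6to4 prefix.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(v4: ipaddress.IPv4Address) -> bool:
    return any(v4 in net for net in RFC1918)


def sixtofour_prefix(ipv4: str) -> ipaddress.IPv6Network:
    """Return the 2002:V4ADDR::/48 prefix for an IPv4 address (RFC 3056)."""
    v4 = ipaddress.IPv4Address(ipv4)
    if is_rfc1918(v4):
        raise ValueError(f"{v4} is RFC1918; relays cannot route replies to it")
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(v4) << 80), 48))


def classify(addr: str) -> dict:
    """Identify 6to4 and Teredo addresses and expose the embedded IPv4."""
    v6 = ipaddress.IPv6Address(addr)
    if v6.teredo is not None:
        # stdlib returns (server, client); the client is already de-obfuscated.
        server, client = v6.teredo
        return {"kind": "teredo", "server": str(server),
                "nat_mapped_client": str(client)}
    if v6.sixtofour is not None:
        v4 = v6.sixtofour
        return {"kind": "6to4", "embedded_v4": str(v4),
                "usable": not is_rfc1918(v4)}
    return {"kind": "other"}


if __name__ == "__main__":
    # Constructed sample addresses, e.g. collected from host interface listings.
    samples = [
        "2002:c000:201::1",                      # 6to4 from 192.0.2.1
        "2002:c0a8:101::1",                      # 6to4 from 192.168.1.1
        "2001:0:c633:6401:8000:63bf:34ff:8efa",  # Teredo
        "2001:db8::1",                           # neither
    ]
    for s in samples:
        print(s, classify(s))
```
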