| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LNX.2.01.1111301004440.18890@frira.zrqbmnf.qr> Date: Wed, 30 Nov 2011 11:07:17 +0100 (CET) From: Jan Engelhardt <jengelh@...ozas.de> To: Krzysztof Olędzki <ole@....pl> cc: Ulrich Weber <ulrich.weber@...hos.com>, Amos Jeffries <squid3@...enet.co.nz>, "sclark46@...thlink.net" <sclark46@...thlink.net>, "kaber@...sh.net" <kaber@...sh.net>, "netfilter-devel@...r.kernel.org" <netfilter-devel@...r.kernel.org>, "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: [RFC PATCH 00/18] netfilter: IPv6 NAT On Wednesday 2011-11-30 01:21, Krzysztof Olędzki wrote: >>> >>>>>However with NAT you could get some kind of anonymity. >>> >>>But without NAT you have pretty big chance to have the same IPv6 >>>*suffix* everywhere, based on you MAC address. without NAT you have >>>pretty big chance to have the same IPv6 *suffix* everywhere, based on >>>you MAC address. >> >>Same suffix? Certainly not with [PrivExt...] > >What if: > >1. You or your users don't have modern OS on your device so there is no >DHCPv6 or rfc3041/4941 support? Dedicated separate program (that's what you would probably do on Windows XP which lacks DHCPv6, PrivExt and also does not even allow manually setting an address via GUI). >3. You need to have static addresses in your network for access control? Access control can be done based on MAC within a broadcast domain so you don't have to eschew Privacy Extensions if you can do so. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists