[ppml] IPv6, Vista, and the Popular Press

Leo Bicknell bicknell at ufp.org
Fri Jun 8 16:53:30 EDT 2007


I wonder if the author failed math class or is making a commentary
on RIR IPv6 allocation sizes when she states that "IPv6 supports a
128-bit addressing scheme, which lets it support an order-of-magnitude
more devices that are directly connected to the Internet than its
predecessor, IPv4."

However, I want to point out while the board and I think the community
are pulling hard to get IPv6 deployed, people deploying real systems
seem to often be going in the other direction.  From page 2:

] Murphy says he is recommending that his clients remove IPv6 from their
] Vista workstations.

As if that wasn't bad enough, some quotes from the comments:

] So why run both is my question and why does vista install both
] automatically? I can see if the IPv4 standard was going away in a year
] but it is not so I recommend to remove IPv6.

However, least I think this is poor reporting of an inexperienced
sysadmin a mainstream vendor, Symantec has similar advice.  They checked
out all of Vista's new networking:

In their report, http://www.symantec.com/avcenter/reference/ATR-VistaAttackSurface.pdf,
there's a choice quote:

] Firewalls and IDSs will have to consider the presense of new Vista
] machines on their networks.  If left unhandled and unchecked, IPv6
] and it's accompanying transition technologies allow an attacher access
] to hosts on private internal networks outside of the preview of the
] administrator.  Unwanted access can be prevented by the analysis of
] IPv6 protocols in the firewall or IDS or by completely blocking all
] IPv6 protocols.

With the Board's recent step to get the IPv6 word out, is there
anything else the RIR community can do to head off the advice of
"just turn it off"?  If sysadmins are deinstalling IPv6 support in
OS's like Vista then deploying IPv6 is going to be even more

       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20070608/bc334e6d/attachment.sig>

More information about the ARIN-PPML mailing list