[arin-ppml] ULA-C
Michel Py
michel at arneill-py.sacramento.ca.us
Mon Apr 12 23:48:29 EDT 2010
> Owen DeLong
> I am opposed to perpetuating the myth that it somehow enhances
security.
The reason RFC1918 addresses "enhance" security is because they are
ambiguous. The odds of your ISP announcing your RFC1918 prefix on the
GRT are small: it requires a screw-up both on your side and on your
ISP's side. Furthermore, even though this occasionally happens, chances
are that even if this happens, you won't be at much risk.
My router's IP address is 192.168.1.1. Come and attack it. Oh, you
successfully DDOSed a Linksys in Waikiki beach. Congratulations.
Now, that being said, the IPv6 game is different. As long as the size of
any IPv6 pool is "large-enough-to-be-almost-unique", there will be
temptations to announce it and therefore make it vulnerable.
The so-called "security" does not come from the address being labeled as
"private".
Michel.
More information about the ARIN-PPML
mailing list