Security Basics mailing list archives
Re: Security Basics
From: "Michael Painter" <tvhawaii () shaka com>
Date: Mon, 31 Oct 2011 20:48:09 -1000
Matthew Reed wrote:
Why not focus on IPv6? It has no NAT. Kind of a paradigm shift if you think about it. Well worth the energy in the long haul. And "In-depth promotion" of IPv6 would not hurt its cause. Don't you agree it might be better to focus on the IPv6 protocol than to keep defending/securing a pretty much deprecated and older implementation? Old as in "built with less experience." I know that NAT is still being widely used by many but the reasons for this might bring up interesting debates. IPv6 does make NAT obsolete and any form of academic research on the security and defence of IPv6 implementations would probably have a longer TTL. I'd welcome those documents any day.
This may be of interest to some: http://www.ausnog.net/images/ausnog-05/presentations/7-2-stateofdanger.pdf In the Medium Term, IPv6 Migration Will Bring More State, Not Less. ? Myth - IPv6 means no NAT. ? Reality - with IPv4 address exhaustion looming, Carrier Grade NATs (CGNs) are being deployed on SP wireline networks. ? 6-to-4 gateways are stateful devices with the same issues as those surrounding NAT devices. 6-to-4 gateways were being deliberately DDoSed back in 2004. ? Many of the performance/latency issues associated with mobile wireless networks will make their way into wireline networks as a result. ? These stateful devices must be protected to the degree possible against DDoS attack via S/RTBH, flowspec, IDMS, quarantine systems, et. al. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Security Basics Mark van Dijk (Nov 01)
- Re: Security Basics Nahuche (Nov 01)
- <Possible follow-ups>
- Re: Security Basics Michael Painter (Nov 01)