Security Basics mailing list archives
Re: Security Basics
From: nahuche () gmail com
Date: Mon, 31 Oct 2011 17:32:01 +0000
Well Mark, I think the whole debate regarding IPv6/IPv4/NAT would never end but I wouldn't really use the world "obsolete" because even if all service providers around the world start switching their equipment to support IPv6, there will still be some customers and applications will remain IPv4 based for some forseeable future and hence we need some form of NAT where at customer-level or service provider level so as to make the seemingly different protocols work. There hasn't been much work on NAT and I think it'll be around way longer than some people actually think. For now there's the need to tunnel the very few IPv6 addresses in IPv4 networks. However when the table turns and IPv6 outgrows IPv4, there will still be some need to tunnel the relative few IPv4 addresses(when it happens that is) in IPv6 networks. All this tunnel is where NAT comes into play. Also I think both IPv4, IPv6 and transition mechanism(NAT) have some security issues that are similar and hence knowledge can be transferred.. Ahmed Sent using BlackBerry® from Orange -----Original Message----- From: Mark van Dijk <security () internecto net> Sender: listbounce () securityfocus com Date: Sat, 29 Oct 2011 15:34:29 To: <security-basics () securityfocus com> Subject: Re: Security Basics
Nevertheless, if you have any material related to defending NAT systems
Why not focus on IPv6? It has no NAT. Kind of a paradigm shift if you think about it. Well worth the energy in the long haul. And "In-depth promotion" of IPv6 would not hurt its cause. Don't you agree it might be better to focus on the IPv6 protocol than to keep defending/securing a pretty much deprecated and older implementation? Old as in "built with less experience." I know that NAT is still being widely used by many but the reasons for this might bring up interesting debates. IPv6 does make NAT obsolete and any form of academic research on the security and defence of IPv6 implementations would probably have a longer TTL. I'd welcome those documents any day. So that's my $0.02. Mark. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Security Basics nahuche (Oct 19)
- RE: Security Basics Mikhail A. Utin (Oct 20)
- Re: Security Basics Ahmed Nahuche (Oct 20)
- Re: Security Basics Mark van Dijk (Oct 31)
- Re: Security Basics nahuche (Oct 31)
- Re: Security Basics Matthew Reed (Oct 31)
- Re: Security Basics Ahmed Nahuche (Oct 20)
- RE: Security Basics Mikhail A. Utin (Oct 20)