Security Basics mailing list archives
Re: Security Basics
From: Matthew Reed <MReed () tssg-cgx com>
Date: Mon, 31 Oct 2011 18:11:30 +0000
Matthew Reed 713.502.5181 ----- Original Message ----- From: nahuche () gmail com [mailto:nahuche () gmail com] Sent: Monday, October 31, 2011 12:32 PM To: Mark van Dijk <security () internecto net>; listbounce () securityfocus com <listbounce () securityfocus com>; security-basics () securityfocus com <security-basics () securityfocus com> Subject: Re: Security Basics Well Mark, I think the whole debate regarding IPv6/IPv4/NAT would never end but I wouldn't really use the world "obsolete" because even if all service providers around the world start switching their equipment to support IPv6, there will still be some customers and applications will remain IPv4 based for some forseeable future and hence we need some form of NAT where at customer-level or service provider level so as to make the seemingly different protocols work. There hasn't been much work on NAT and I think it'll be around way longer than some people actually think. For now there's the need to tunnel the very few IPv6 addresses in IPv4 networks. However when the table turns and IPv6 outgrows IPv4, there will still be some need to tunnel the relative few IPv4 addresses(when it happens that is) in IPv6 networks. All this tunnel is where NAT comes into play. Also I think both IPv4, IPv6 and transition mechanism(NAT) have some security issues that are similar and hence knowledge can be transferred.. Ahmed Sent using BlackBerry® from Orange -----Original Message----- From: Mark van Dijk <security () internecto net> Sender: listbounce () securityfocus com Date: Sat, 29 Oct 2011 15:34:29 To: <security-basics () securityfocus com> Subject: Re: Security Basics
Nevertheless, if you have any material related to defending NAT systems
Why not focus on IPv6? It has no NAT. Kind of a paradigm shift if you think about it. Well worth the energy in the long haul. And "In-depth promotion" of IPv6 would not hurt its cause. Don't you agree it might be better to focus on the IPv6 protocol than to keep defending/securing a pretty much deprecated and older implementation? Old as in "built with less experience." I know that NAT is still being widely used by many but the reasons for this might bring up interesting debates. IPv6 does make NAT obsolete and any form of academic research on the security and defence of IPv6 implementations would probably have a longer TTL. I'd welcome those documents any day. So that's my $0.02. Mark. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ________________________________ NOTICE: This message, as well as any attached document, contains information from Consolidated Graphics, Inc. that is confidential and/or privileged, or may contain attorney work product. The information is intended only for the use of the addressee(s) named above. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, forwarding, printing, copying, disclosure, or the taking of any action in reliance on the contents of this message or its attachments is strictly prohibited, and may be unlawful. If you have received this message in error, please destroy all copies (in any form) of this message and its attachments, if any, without disclosing the contents, and notify the sender immediately. Unintended transmission does not constitute waiver of the attorney-client privilege or any other privilege. Unless expressly stated in this email, nothing in this message should be construed as a digital or electronic signature. Thank you for your cooperation. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Security Basics nahuche (Oct 19)
- RE: Security Basics Mikhail A. Utin (Oct 20)
- Re: Security Basics Ahmed Nahuche (Oct 20)
- Re: Security Basics Mark van Dijk (Oct 31)
- Re: Security Basics nahuche (Oct 31)
- Re: Security Basics Matthew Reed (Oct 31)
- Re: Security Basics Ahmed Nahuche (Oct 20)
- RE: Security Basics Mikhail A. Utin (Oct 20)