Re: Is NAT can provide some kind of protection?

[Leen Besselink <leen () consolejunkie net>]

On 01/15/2011 03:01 PM, Joel Jaeggli wrote:
> On 1/15/11 1:24 PM, Leen Besselink wrote:
>
> > I'm a full supported for getting rid of NAT when deploying IPv6, but
> > have to say the alternative is not all that great either.
> >
> > Because what do people want, they want privacy, so they use the
> > IPv6 privacy extensions. Which are enabled by default on Windows
> > when IPv6 is used on XP, Vista and 7.
> There aren't enough hosts on most subnets that privacy extensions
> actually buy you that much. sort of like have a bunch of hosts behind a
> single ip, a bunch of hosts behind a single /64 aren't really insured
> much in the way of privacy, facebook is going to know that it's you.

Now this gets a bit a offtopic, but:

If you already have a Facebook account, any site you visit which has
"Facebook Connect" on it usually points directly at facebook.com for
downloading the 'Facebook connect' image so the Facebook-cookies have
already been sent to Facebook.

Why would Facebook care about your IP-address ?

> > And now you have no idea who had that IPv6-address at some point
> > in time. The solution to that problem is ? I guess the only solution is to
> > have the IPv6 equivalant of arpwatch to log the MAC-addresses/IPv6-
> > address combinations ?
> >
> > Or is their an other solution I'm missing.