Hi, > > > disabling IPv6 everywhere is the *right* thing to do for > > > many companies. if you don't have the need, don't have the > knowledge and > > > your hardware/software doesn't support it well, IPv6 is not only > > > overhead with no added value but also may present a significant > security > > > risk. Just like you should disable any system service (specially > network > > > services) that you don't need to reduce a hacker attack surface on > your > > > network and servers. > > > Is it possible to give the end-user the option whether to go IVP4 or IPV6? > I haven't found yet an OS clearly showing how to disable IPv6 in a way most non-techinical users can find. But all them have this option somewhere, alongside other "esotheric" options like level 2 security. Given IPv6 current state, where many vulnerabilities are related to autoconfiguration for home and small networks, and given the fact many ISPs still doesn't support IPv6 at all, IMHO the default setting should be IPv6 disabled. Any end user or sysadmin should take action only to enable IPv6, not to remove the threads it represents today. Actually having IPv6 enabled by default is against security best practices. But even security experts forget this because everyone wants to lobby for broader IPv6 adoption. The end user pays the price for technologican evolution. []s, Fernando Lozano -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
