On Tue, Dec 7, 2010 at 6:01 PM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote: > On 12/7/10 9:07 AM, Adam Tauno Williams wrote: >> >> site-local addresses are officially deprecated. >> >> If you want a device to only be available locally - block the traffic >> to/from that device. > > So security will depend on every connection owner having a high level of > knowledge about ipv6 internals? Is this being designed by people planning > careers as consultants? > > -- Yes, I can see where you're coming from with this argument. We supply ADSL to our clients and could offer them security on a network level. I know some mobile operators already do this on their networks on IPV4. Basically, if I want remote access to a machine connected to the internet via their network I have to apply for permission to have the security removed. The contract states that I know what I'm doing and will take full responsibility for anything that goes wrong on my side. They're basically covered legally (if one could call it that) if something goes wrong with my connection. We have some measures in place where we block, at a client's request, all ports except 23, 25, 80, 110 and 443. So, I'm sure many other ISP's could do the same thing? -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos