On Thu, 2007-09-13 at 11:35 -0700, John Reiser wrote: > For such users, leaving IPv6 enabled is a security risk. The default ip6tables are pretty restrictive, so if you leave them unchanged because you don't think they matter or don't know about them it's fairly safe. (Except for ssh port, see below. And yes, I understand that the filter rules are not the only complaint regarding IPv6 and security.) There are other more low-hanging fruits, I think. My personal pet peeve is the default enabled sshd. It's off on the live CD thankfully, but will it be off on the Desktop spin too? A desktop machine with sshd enabled by default without telling the user and the user having no idea that their crappy password can be exploited remotely is a really bad idea IMO. Besides, I think even if you don't have IPv6 routed to your machine, there are probably interesting use cases for the link local addresse. Really -1 for disabling IPv6, Fedora is about progress, not workarounds. /abo -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
