Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #46047
| References | (6 earlier) <roy-3B8F45.11301825052013@news.panix.com> <7cd17be8-d455-4db8-b8d0-ccc757db5cff@googlegroups.com> <roy-3B69E7.21544325052013@news.panix.com> <mailman.2155.1369533497.3114.python-list@python.org> <51a18986$0$30002$c3e8da3$5496439d@news.astraweb.com> |
|---|---|
| Date | 2013-05-26 14:37 +1000 |
| Subject | Re: Python Magazine |
| From | Chris Angelico <rosuav@gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.2165.1369543044.3114.python-list@python.org> (permalink) |
On Sun, May 26, 2013 at 2:03 PM, Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote: > On Sun, 26 May 2013 11:58:09 +1000, Chris Angelico wrote: > >> On Sun, May 26, 2013 at 11:54 AM, Roy Smith <roy@panix.com> wrote: > >>> Of course not every IPv6 endpoint will be able to talk to every other >>> IPv6 endpoint, even if the both have globally unique addresses. But, >>> the access controls will be implemented in firewalls with appropriately >>> coded security policies. Not as an accident of being behind a NAT box. >> >> To be more specific: The control of who can talk to whom is in the hands >> of the admins of the two endpoints and the nodes in between, rather than >> being arbitrarily in the hands of the technology. So I would be able to >> talk to the file server across the street, but only IF its admin lets >> me. > > Or when (not if) you find a vulnerability in the particular firewall. > Make no mistake: the most secure entry point is the one that isn't there. Packets have to get somewhere. If they come into this computer, it has to deliberately forward them to that computer or they won't get there. Same thing. All it takes is # ip6tables -p FORWARD DROP and you have a "secure unless I specifically permit it" router. Obviously an attacker can target the router itself (which is exactly the same as current situation), but can't attack anything beyond it without an explicit forwarding rule (which is also exactly the same). ChrisA
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-05-24 20:19 -0700
Re: Python Magazine Roy Smith <roy@panix.com> - 2013-05-24 23:35 -0400
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-05-24 20:38 -0700
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-25 13:48 +1000
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-05-24 21:11 -0700
Re: Python Magazine zoom <zoom@yahoo.com> - 2013-05-25 08:38 +0200
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-25 16:41 +1000
Re: Python Magazine Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-05-25 14:29 +0000
Re: Python Magazine Roy Smith <roy@panix.com> - 2013-05-25 11:30 -0400
Re: Python Magazine John Ladasky <john_ladasky@sbcglobal.net> - 2013-05-25 18:28 -0700
Re: Python Magazine Roy Smith <roy@panix.com> - 2013-05-25 21:54 -0400
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-26 11:58 +1000
Re: Python Magazine Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-05-26 04:03 +0000
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-26 14:37 +1000
Re: Python Magazine John Ladasky <john_ladasky@sbcglobal.net> - 2013-05-25 20:04 -0700
Re: Python Magazine Roy Smith <roy@panix.com> - 2013-05-25 23:24 -0400
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-26 13:45 +1000
RE: Python Magazine Carlos Nepomuceno <carlosnepomuceno@outlook.com> - 2013-05-26 07:01 +0300
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-26 14:31 +1000
RE: Python Magazine Carlos Nepomuceno <carlosnepomuceno@outlook.com> - 2013-05-26 08:00 +0300
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-26 15:17 +1000
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-05-31 04:11 -0700
RE: Python Magazine Carlos Nepomuceno <carlosnepomuceno@outlook.com> - 2013-06-01 11:15 +0300
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-06-05 00:37 -0700
RE: Python Magazine Carlos Nepomuceno <carlosnepomuceno@outlook.com> - 2013-06-05 15:20 +0300
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-06-05 09:17 -0700
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-06-06 03:52 +1000
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-06-05 22:01 -0700
Re: Python Magazine Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-05-26 04:20 +0100
Re: Python Magazine Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-05-26 03:50 +0000
Re: Python Magazine 88888 Dihedral <dihedral88888@gmail.com> - 2013-06-01 08:08 -0700
Re: Python Magazine Mark Janssen <dreamingforward@gmail.com> - 2013-05-24 20:38 -0700
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-05-24 20:41 -0700
RE: Python Magazine Carlos Nepomuceno <carlosnepomuceno@outlook.com> - 2013-05-25 06:43 +0300
Re: Python Magazine DRJ Reddy <rama29065@gmail.com> - 2013-05-24 21:10 -0700
RE: Python Magazine Carlos Nepomuceno <carlosnepomuceno@outlook.com> - 2013-05-25 07:22 +0300
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-25 14:25 +1000
Re: Python Magazine Roy Smith <roy@panix.com> - 2013-05-25 11:24 -0400
Re: Python Magazine Chris Angelico <rosuav@gmail.com> - 2013-05-26 01:30 +1000
RE: Python Magazine Carlos Nepomuceno <carlosnepomuceno@outlook.com> - 2013-05-25 20:28 +0300
Re: Python Magazine Michael Poeltl <michael.poeltl@univie.ac.at> - 2013-05-25 07:29 +0200
Re: Python Magazine Daniel <danielrr2@gmail.com> - 2013-05-25 16:56 +0200
csiph-web