Default security functions on an IPv6 CPE

Merike Kaeo merike at doubleshotsecurity.com
Thu May 12 08:37:55 CEST 2011


On May 11, 2011, at 9:04 PM, Mikael Abrahamsson wrote:

> On Wed, 11 May 2011, Jon Bane wrote:
> 
>> I really do not understand this conclusion.  Vista/Win7 do have firewalls enabled by default, but the first time the machine detects it is connected to a new network it asks what kind of network you are on. The options being Public, Home or Work.  If the user choses "Home" the firewall is effectively disabled as all of the SMB/NBT ports are opened up, as well as several ports for media sharing.
> 
> Are you sure it's opened up for access from everywhere to these ports, not only from the local subnet? My understanding is that it's the latter.

I believe it is mostly for the local subnet also...the 'home' is called 'private' on professional editions and the expectation is that you are on a private internal network.  There is always *some* IPv6 traffic denied in all 3 modes - I haven't had the opportunity to test or look into the specific differences.  

- merike


More information about the ipv6-ops mailing list