A challenge (was Re: Default security functions on an IPv6 CPE)

Mikael Abrahamsson swmike at swm.pp.se
Thu May 19 06:26:39 CEST 2011

On Wed, 18 May 2011, Mark Smith wrote:

> What saved your smartphone from being hacked?

I have information supporting both sides of the discussion:

My employer does not do any major firewalling towards mobile customers in 
most countries, and the users are handed a globally unique IPv4 address, 
thus is perfectly reachable from everywhere with all devices. No major 
hackery reported.

Otoh I've read articles about jailbroken iphones where the jailbreak 
software installs a ssh server on the device, and people do not change the 
default pw and there has been software written to mass-hack these devices.

One could make the argument that a firewall would not help because a 
properly written ssh server would use the firewall API to open up ingress 
tcp/22 towards its service if it now wants to be reachable.

Let's just face it, there is no right or wrong here... Only time will tell 
what works best.

More information about the ipv6-ops mailing list