A challenge (was Re: Default security functions on an IPv6 CPE)
Mikael Abrahamsson
swmike at swm.pp.se
Thu May 19 06:26:39 CEST 2011
On Wed, 18 May 2011, Mark Smith wrote:
> What saved your smartphone from being hacked?
I have information supporting both sides of the discussion:
My employer does not do any major firewalling towards mobile customers in
most countries, and the users are handed a globally unique IPv4 address,
thus is perfectly reachable from everywhere with all devices. No major
hackery reported.
Otoh I've read articles about jailbroken iphones where the jailbreak
software installs a ssh server on the device, and people do not change the
default pw and there has been software written to mass-hack these devices.
One could make the argument that a firewall would not help because a
properly written ssh server would use the firewall API to open up ingress
tcp/22 towards its service if it now wants to be reachable.
Let's just face it, there is no right or wrong here... Only time will tell
what works best.
More information about the ipv6-ops
mailing list