Microsoft: Give Xbox One users IPv6 connectivity
Simon Perreault
simon.perreault at viagenie.ca
Thu Mar 13 20:22:02 CET 2014
Le 2014-03-13 15:12, Eric Vyncke (evyncke) a écrit :
> What annoys me more if the fact that AVM (and they are not the only one --
> see Technicolor & others) naively believes that NAT44 offered some
> security by preventing inbound connections... This means that there is NO
> open connectivity between two X/Box behind a closed AVM CPE... Hence X/Box
> has no choice and is smart enough to fall back in the legacy NAT44 mode
> with a TURN (or in this case Teredo) to bypass NAT. A very nice
> opportunity to run man-in-the-middle attack on a foreign ground.
>
> I still wonder why people REALLY believe in the security of NAT (in the
> sense of blocking inbound connections) in 2014 while most of the botnet
> members are behind a NAT...
>
> Christopher and others => you are RIGHT! Do not change your mind
>
> -éric (see also
> http://tools.ietf.org/html/draft-ietf-v6ops-balanced-ipv6-security-01 for
> my point of view :-))
+1000
Simon
--
DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server --> http://numb.viagenie.ca
More information about the ipv6-ops
mailing list