CPE Residential IPv6 Security Poll
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Tue Sep 20 16:00:05 CEST 2016
I’ve promised an article to RIPE and APNIC … will work on it once I’ve the Korean data … hopefully in a couple of weeks …
If somebody can help to disseminate the survey among Korean ISPs, please, let me know!
In case someone in this list still didn’t responded, here is the link:
De: Tim Chown <Tim.Chown at jisc.ac.uk>
Responder a: <Tim.Chown at jisc.ac.uk>
Fecha: martes, 20 de septiembre de 2016, 15:55
Para: "jordi.palet at consulintel.es" <jordi.palet at consulintel.es>
CC: Benedikt Stockebrand <bs at stepladder-it.com>, IPv6 Ops list <ipv6-ops at lists.cluenet.de>, "Anfinsen, Ragnar" <Ragnar.Anfinsen at altibox.no>
Asunto: Re: CPE Residential IPv6 Security Poll
Thanks Jordi. And yes, hindsight is always easy!
It would be nice to have a survey report document online for anyone to read, to complement various powerpoint decks you’ve used.
Amazing to get such a large response - well done :)
> On 20 Sep 2016, at 14:49, JORDI PALET MARTINEZ <jordi.palet at consulintel.es> wrote:
> No, didn’t included anything about security, unfortunately (now I realize having missed it !) I will consider upgrading the actual questions or making a specific one related to security …
> I’ve got already over 1.100 responses, and I’m waiting for Korean ISPs to start responding … I think is the only country which didn’t responded at all.
> I did a quick presentation about the data both in the last v6ops and IEPG meetings. Will do a new presentation at the next LACNIC meeting and hopefully at the next RIPE one.
> -----Mensaje original-----
> De: <ipv6-ops-bounces+jordi.palet=consulintel.es at lists.cluenet.de> en nombre de Tim Chown <Tim.Chown at jisc.ac.uk>
> Responder a: <Tim.Chown at jisc.ac.uk>
> Fecha: martes, 20 de septiembre de 2016, 14:50
> Para: Benedikt Stockebrand <bs at stepladder-it.com>, Jordi Palet Martinez <jordi.palet at consulintel.es>
> CC: IPv6 Ops list <ipv6-ops at lists.cluenet.de>, "Anfinsen, Ragnar" <Ragnar.Anfinsen at altibox.no>
> Asunto: Re: CPE Residential IPv6 Security Poll
> Was this one of the questions asked in Jordi’s survey? I’m not sure I’ve seen the results published as yet, but he got a fantastic level of response (over 200 iirc)… Jordi? :)
>> On 20 Sep 2016, at 13:44, Benedikt Stockebrand <bs at stepladder-it.com> wrote:
>> Hi Ragnar and list,
>> as far as I can tell, little has changed at least in Germany since our
>> last discussion on this (except that I've since sobered up again:-)
>> I guess you won't be surprised that I still share the same opinion as
>> So far all I've consciously seen on consumer CPEs is "per default, allow
>> all outbound, block all inbound". I'm not sure if there are any ultra
>> cheap CPEs out that don't even let users configure inbound rules, but
>> I've never had the need to deal with anything like that.
>> However, one rather interesting thing has changed here: Since August
>> this year, ISPs can by law no longer force their customers in Germany to
>> use the CPE they provide. The implications here are yet to appear, but
>> one possible effect might be that the ISPs move away from the
>> all-features-you-never-wanted-plus-some-extra CPEs they so far forced on
>> their customers to minimalistic devices they can just manage via TR-069
>> or similar (reaching a setup similar ot the old NT1/NT2 split with ISDN
>> in Europe), eventually leaving the filtering to the end user again.
>> With business customers the range obviously goes from "consumer grade is
>> good enough so why use anything else" for small businesses to dark fiber
>> for customers running their own AS.
>> Benedikt Stockebrand, Stepladder IT Training+Consulting
>> Dipl.-Inform. http://www.stepladder-it.com/
>> Business Grade IPv6 --- Consulting, Training, Projects
>> BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/
More information about the ipv6-ops