2011-02-10 21:03:01 Michael Orlitzky > On 02/09/11 22:09, Anthony G. Basile wrote: > > Hi everyone, > > > > Jan Kundrat asked on gentoo-dev why hardened removes ipv6 from its > > profiles. To be honest, I see no good reason. I want to add it back. > > Before I do, does anyone in the community know of any issues with > > hardened + ipv6? I don't know of any and all my servers have it > > enables. So, I'm going to add it back in about 1 week. > > I don't think there are any issues with it. The only argument I know of > is that it increases the attack surface for a feature that 0% + epsilon > of people use.
Tests done by a colleague show that, right now, the amount of inbound ipv6 traffic on his systems is none but I can perfectly understand your concerns even if they should apply only to the network stack itself, as the daemons listening to v6 should be the same that listen to v4, once configured for dual stack. Anyway, ipv6 has a chance to become relevant by the end of the year as China and India (among others) won't have quite enough v4 addresses in stock to support the growth of their networks.
