Hi!
On Wed, Jun 27, 2012 at 02:33:49AM +0200, Francisco Blas Izquierdo Riera
(klondike) wrote:
> > Correct me if I'm wrong, but enabling IPv6 mean needs in supporting two
> > different routing tables and two different firewalls.
> Different routing tables maybe but the firewall is still the same,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 27.06.2012 09:19, Alex Efros wrote:
> Hi!
>
>> # ip6tables -A INPUT -j DROP # ip6tables -A OUTPUT -j DROP #
>> ip6tables -A FORWARD -j DROP There you are safe now.
>
> Safe, but don't working. Do you enable ipv6 USE flag just to force
> people to
On 06/25/2012 11:03 PM, Alex Efros wrote:
Hi!
On Mon, Jun 25, 2012 at 08:58:49AM -0500, Matthew Thode wrote:
I'm alerting users so that you can make whatever changes you like to
ipv6 in your /etc/make.conf. In about 24 hours I will turn on by
default ipv6 on all hardened profiles.
I use ipv6
On 06/26/2012 03:49 AM, Michael Orlitzky wrote:
On 06/26/2012 03:38 AM, Darknight wrote:
Enable ipv6 use flag and disable ipv6 in /etc/sysctl.conf?
- no scary (j/k) ipv6 enabled by default
- ipv6 enabled in a matter of seconds without need for an internet
connection
The news item and a word abo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/26/2012 08:33 PM, Francisco Blas Izquierdo Riera (klondike) wrote:
> El 26/06/12 05:03, Alex Efros escribió:
>> Hi!
> Hi!
>> On Mon, Jun 25, 2012 at 08:58:49AM -0500, Matthew Thode wrote:
I'm alerting users so that you can make whatever ch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/27/2012 03:19 AM, Alex Efros wrote:
> Hi!
>
> On Wed, Jun 27, 2012 at 02:33:49AM +0200, Francisco Blas Izquierdo
> Riera (klondike) wrote:
>>> Correct me if I'm wrong, but enabling IPv6 mean needs in
>>> supporting two different routing tables
> Those who have IPv6 enabled in the kernel unintentionally probably
> aren't very security minded and probably aren't using Hardened.
> They're moot. We cannot help reckless individuals.
Funny how you call most of the population reckless but I guess you mean
in the context of hardened and it's pr
On 06/26/12 20:42, Francisco Blas Izquierdo Riera (klondike) wrote:
> El 26/06/12 07:43, Michael Orlitzky escribió:
>> It's easy enough to set USE="-ipv6" manually of course, but the same
>> argument works for USE="ipv6". So, I think the default should be what
>> most people want; i.e. what the few
El 27/06/12 09:19, Alex Efros escribió:
> Safe, but don't working. Do you enable ipv6 USE flag just to force people
> to either disable unintentionally enabled IPv6 in kernel and/or add this
> ip6tables configuration?
No, we do it because otherwise the stage3 is unusable on ipv6 only
environments a
