0

If you get a public IPv6 on your device, and someone gets hold of your momentary IPv6 (which changes every 24h by the privacy extensions), a possible attacker could start a lot of automated tools on your device directly to try to hack it.

So it seems like public IPv6 seems an impairment of security compared to NATted ipv4?

How large is this impairment of security?

rubo77
  • 2,350
  • 10
  • 26
  • 48
  • 2
    These issues are extensively discussed in [How important is NAT as a security layer?](http://security.stackexchange.com/questions/8772/how-important-is-nat-as-a-security-layer) and [With IPv6 do we need to use NAT any more?](http://security.stackexchange.com/questions/44065/with-ipv6-do-we-need-to-use-nat-any-more/44068). – Steffen Ullrich Sep 12 '16 at 18:30

1 Answers1

0

This is not the intention of NAT, but through NAT the machines are somehow "protected". It is as if the NAT system was also, inherently, a firewall.

To switch to IPv6 nicely, you have to couple its enabling with some solid, well-thought firewalling rules, which will prevent incoming connections which were not possible in a NAT world, but are now feasible thanks to the magic of IPv6.

Source: https://security.stackexchange.com/a/44068/13212

Community
  • 1
rubo77
  • 2,350
  • 10
  • 26
  • 48