[ARMedslack] IPv6 Default behaviour
Gregg Levine
gregg.drwho8 at gmail.com
Thu Jun 27 00:46:33 UTC 2013
On Wed, Jun 26, 2013 at 8:34 PM, <dowelld at netscape.net> wrote:
> Has anyone got any idea about how to trun of the default behaviour of having
> every interface automatically assigned an IPv6 address when it comes up?
>
> So far I've hunted around and around the interwebs, and pushed "0" into all
> sorts of files in /proc/sys/net/ipv6/conf/*/* all to no avail. The moment I
> bring an interface up an inet6 LLA address is automatically assigned to it.
>
> I'm starting to wonder if Linux is an OS I really want to have anywhere near
> a computer of mine when it seems the designers of it decided it'd be a good
> idea to (by default) automatically open up a connectable address on every
> single nertwork interface, of every single device, without any consideration
> for whether an interface was protected or not.
>
> I mean I've seen many utterly ridiculous decisions in my time in this
> industry, but I never thought I'd see one which left nearly every single
> linux system (all those where ip6tables hasn't been explicitly invoked
> anyway) vulnerable to attack (even if only from another system on the local
> network). Utter madness, with seemingly no way to disable it.
>
> Any ideas/suggestions welcomed.
>
>
> Thanks
> Dave
Hello!
And did you try using the rmmod command on the ipv6 module? And to
prevent it being loaded all the time then add it to the blacklist for
modules. Also check to see where its being loaded. In all actuality
IPv6 happens to be practically right around the corner, we actually
ran out of IPv4 addresses about three to six years previously.
-----
Gregg C Levine gregg.drwho8 at gmail.com
"This signature fought the Time Wars, time and again."
More information about the ARMedslack
mailing list