FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

LinkBack Thread Tools
Old 06-30-2012, 06:51 PM
Ed W
Default Documenting disabling IPV6 off

Hi folks

Can we get some volunteers to write-up some ipv6 notes for the
gentoo/hardened docs

My quick notes would look as follows:

- What is ipv6, notes that it's basically a completely separate protocol
and might be unexpectedly enabled. Also discussion on link local vs
external ip addresses (quite a significant change from ipv4)

- Conditions to use it, eg enabling use flags AND noting that the
"listen" syntax is often different in the app of your choice, eg listen
[::} vs listen *

- Pointers on enabling external access to your machine (note I'm seeing
new providers turn on ipv6 every week, this is a fairly rapidly changing
situation now). ie enabling ipv6 tunnels, dhcpv6, autoconfig, etc

- How to disable ipv6. Sub notes:

a) iptables6 default drop (iptables -P)
b) iptables6 reject
# ip6tables -A INPUT -j DROP
# ip6tables -A OUTPUT -j DROP
# ip6tables -A FORWARD -j DROP
c) sysctl
d) blacklist kernel module or build kernel without support
e) kernel command line option (useful when not modular kernel)
f) Build specific apps without support (seems pointless though?)
g) Ensure specific apps only listen on ipv4 using config. Check using
"netstat -l"

Anyone care to kick that around for a bit, maybe pour some sauce on it?

Old 06-30-2012, 07:22 PM
Sven Vermeulen
Default Documenting disabling IPV6 off

On Sat, Jun 30, 2012 at 07:51:59PM +0100, Ed W wrote:
> Can we get some volunteers to write-up some ipv6 notes for the
> gentoo/hardened docs

Lots of that (all?) is not hardened-specific. It might be best to have it
generally documented in either the ipv6.xml document or on

Sven Vermeulen

Thread Tools

All times are GMT. The time now is 12:04 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org