IPv6 🔗 link

Folks,

Searched the archives and found a few IPv6 inquiries, but only that
there are no plans to support it.  While I'm not a programmer, I
suspect it would actually be fairly simple to implement (please
correct me if I'm wrong).

This is starting to become a priority for me.  I need to monitor my
ssh servers, but they all only respond now to ipv6, so I can't :-(.

For those of you who care, after monitoring my ipv6 only ssh logs, the
automated attacks against my servers has dropped from over 10,000
attacks per day to 0.  Have not had a single attack in months.
Haven't seen that in over 10 years now.  I'm sure this is only a
temporary thing, but it sure is nice.

I have only one other piece of software I can't replace (besides
hobbit) that needs to support ipv6 and I will be ready.  Those of you
watching the bogon list might know how close we are to complete ipv4
exhaustion, and in some areas of the world ipv4 addresses are no
longer available.

If there is anything I can do to expedite a move to support ipv6, let me know.

Thanx,

David A. Bandel
-- 
Focus on the dream, not the competition.
            - Nemesis Air Racing Team motto

Security through obscurity only works until it becomes main stream.  You
still want to be proactive against SSH attacks (or whatever else).  Just
because you moved down the street doesn't mean the thieves won't steal your
lawn gnomes!

With IPv6 becoming more and more abundant I think it should be implemented
but I don't find any use for it in my world (today!).

Josh Luthman
Office: XXX-XXX-XXXX
Direct: XXX-XXX-XXXX
XXXX Wayne St
Suite XXXX
Troy, OH XXXXX

Those who don't understand UNIX are condemned to reinvent it, poorly.
--- Henry Spencer

On Fri, Nov 28, 2008 at 1:53 PM, David A. Bandel <user-77bd7f1593bd@xymon.invalid>wrote:

On Fri, Nov 28, 2008 at 2:17 PM, Josh Luthman
<user-4c45a83f15cb@xymon.invalid> wrote:

Hmm.  Top-posting.  Must be a lawyer.

I haven't removed/downgraded any security I use, I just find it
refreshing not to be wading through the myriad entries in auth.log
showing 'ssh invalid user' and all.  I didn't expect this, it's just a
bene that my log files are less cluttered (by many hundred k per day).

And that's your excuse for procrastinating?  Honestly, it's easier
than you think, but it will take time to implement.  Start soon,
really, you'll be glad you did.

I have a short story that presents a frightening scenario for
procrastinators which I hope does not come to pass, but I don't want
to find out the hard way that it's true.  Has to do with several ICAAN
board members that are very unhappy and annoyed that IPv6 adoption is
so slow and what they have discussed seriously to give folks a hard
shove (I wouldn't want to be standing on the ipv4-only ledge if any of
what I heard is true).

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
            - Nemesis Air Racing Team motto

I'm top-posting because it's Gmail's default.

Reading through logs on a day to day basis just isn't feasible - these
things have to be automated.  My point is just because you don't have SSH
login attempts doesn't mean you can waive something like DenyHosts.

I really don't have an excuse, however, I do have other tasks to complete
before this one that doesn't have a deadline.

Josh Luthman
Office: XXX-XXX-XXXX
Direct: XXX-XXX-XXXX
XXXX Wayne St
Suite XXXX
Troy, OH XXXXX

Those who don't understand UNIX are condemned to reinvent it, poorly.
--- Henry Spencer

On Fri, Nov 28, 2008 at 2:37 PM, David A. Bandel <user-77bd7f1593bd@xymon.invalid>wrote:

On Fri, 28 Nov 2008, David A. Bandel wrote:

It seems to me that it should be quite possible to monitor the servers without hobbit itself supporting ipv6. The only thing that's necessary is a host that has both ipv4 and ipv6 (that host can be the hobbit server) and acts as a gateway with the help of a little scripting. That should be no more difficult than monitoring Novell servers with IPX.

Ulric

On Fri, Nov 28, 2008 at 2:55 PM, Josh Luthman

<user-4c45a83f15cb@xymon.invalid> wrote:

Who has time?

As I said.  I have all this.  I was just surprised the first automated
report that came in after turning off ipv4 bindings that there were no
entries listed, and that my log file for the day was much smaller.
Not sure why you'd take my comment that the attacks were mitigated to
somehow suggest I dropped all security measures.  Heck, I spent a
whole day trying to figure out what was going on and why no entries
(couldn't believe there just were no attacks).

The note about fewer (in this case cessation) of attacks I just found
very interesting (I still think it's interesting).  Now I'm watching
for when they actually start (and from where -- I expect China as
that's where IPv6 is being heavily deployed and is the origin of many
ipv4 attacks).

You have me confused with Microsoft -- ensuring all my security
measures still work correctly in IPv6 was my first priority.
ip6tables is a good start, btw.

I just need to start monitoring IPv6 -- for those services binding
both protocols as well as those few that are only bound to IPv6.  I
need to know if my mail server, web server, etc., is only responding
to one or the other or both now that I have two protocols running
(vice one).

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
            - Nemesis Air Racing Team motto