Python Magazine
Steven D'Aprano
steve+comp.lang.python at pearwood.info
Sun May 26 00:03:18 EDT 2013
On Sun, 26 May 2013 11:58:09 +1000, Chris Angelico wrote:
> On Sun, May 26, 2013 at 11:54 AM, Roy Smith <roy at panix.com> wrote:
>> Of course not every IPv6 endpoint will be able to talk to every other
>> IPv6 endpoint, even if the both have globally unique addresses. But,
>> the access controls will be implemented in firewalls with appropriately
>> coded security policies. Not as an accident of being behind a NAT box.
>
> To be more specific: The control of who can talk to whom is in the hands
> of the admins of the two endpoints and the nodes in between, rather than
> being arbitrarily in the hands of the technology. So I would be able to
> talk to the file server across the street, but only IF its admin lets
> me.
Or when (not if) you find a vulnerability in the particular firewall.
Make no mistake: the most secure entry point is the one that isn't there.
--
Steven
More information about the Python-list
mailing list