For those of you who don't use or need IPv6 (not many of us do on our PBX yet), it's a good idea to turn it off.
With some of the new builds, it's enabled by default.
You're going to want to modify /etc/modprobe.conf and set the following options to turn it off for good:
(FYI, this was a change in CentOS 5.4 - the /etc/sysconfig/network "NETWORKING_IPV6 = no" setting doesn't do the trick anymore)
Why bother? Well, for those of us in the security arena, you don't turn something on unless you need it. And as good of a job as Ward and everyone else who burns their time on this project do, there's always more you can do (and you can't/shouldn't expect them do to everything for you, anyway!)
What can go wrong? Well, for one, if someone were to get onto your network, they could easily setup IPv6 'dhcp' and other services on your network. And the way IPv6 works, it would happily respond, then it would happily tunnel all your IPv4 traffic to the 'bad guy' on your LAN.
Remote chance? Perhaps. But the more you know, the better prepared you are. Be safe out there... you're only a few milliseconds away from every bad guy on the internet...
With some of the new builds, it's enabled by default.
You're going to want to modify /etc/modprobe.conf and set the following options to turn it off for good:
Code:
alias ipv6 off
options ipv6 disable=1
(FYI, this was a change in CentOS 5.4 - the /etc/sysconfig/network "NETWORKING_IPV6 = no" setting doesn't do the trick anymore)
Why bother? Well, for those of us in the security arena, you don't turn something on unless you need it. And as good of a job as Ward and everyone else who burns their time on this project do, there's always more you can do (and you can't/shouldn't expect them do to everything for you, anyway!)
What can go wrong? Well, for one, if someone were to get onto your network, they could easily setup IPv6 'dhcp' and other services on your network. And the way IPv6 works, it would happily respond, then it would happily tunnel all your IPv4 traffic to the 'bad guy' on your LAN.
Remote chance? Perhaps. But the more you know, the better prepared you are. Be safe out there... you're only a few milliseconds away from every bad guy on the internet...