|
|
|
|
|
|
by orangeboats
1003 days ago
|
|
|
>exposing your LAN to public routing tables is madness And I don't understand why people think that. You are exposing a /64 network. That's 2^64 addresses, no one can scan your LAN if that's what you fear, nor can anyone reach your hosts if you build a stateful firewall that denies incoming connections - you know, just like NAT. But minus the packet modifications. |
|
|
Are we really back to security by obscurity? Please don't tell me you are serious.
Anyways, you can't rely on ISP's handing out sufficiently large network ranges to make your security-by-obscurity scheme work.