903

submitted 2 days ago by qaz@lemmy.world to c/programmer_humor@programming.dev

193 comments fedilink hide all child comments

(page 3) 50 comments

sorted by: hot top controversial new old

[-] NuXCOM_90Percent@lemmy.zip 52 points 2 days ago

In my personal life I will probably "never" intentionally use ipv6.

But it is a DAMNED good sniff test to figure out if an IT/NT team is too dumb to live BEFORE they break your entire infrastructure. If they insist that the single most important thing is to turn it off on every machine? They better have a real good reason other than "it's hard"

[-] nightwatch_admin@feddit.nl 16 points 2 days ago

It’s vulnerable af. And I mean really, it’s as bad as Netscalers or Fortigate shit. Like https://www.bleepingcomputer.com/news/security/hackers-abuse-ipv6-networking-feature-to-hijack-software-updates/ or https://www.bleepingcomputer.com/news/security/hackers-abuse-ipv6-networking-feature-to-hijack-software-updates/

Problem is, yes it’s hard to implement but it’s even a lot harder to get it properly secured. Especially because few people are using it, and not securing it is worse than disabling it.

[-] Auli@lemmy.ca 4 points 1 day ago

Don't see how that is anymore vulnerable then up 4.

[-] lena@gregtech.eu 29 points 2 days ago

Just a heads up, you linked to the same article twice

[-] Fuck_u_spez_@sh.itjust.works 33 points 2 days ago

Clipboards are also hard

load more comments (1 replies)

[-] NuXCOM_90Percent@lemmy.zip 21 points 2 days ago

And I would consider a detailed argument on why it is more secure to disable it to be a good reason.

Personally? I consider an IT team who don't know how to secure an ipv6 enabled network to not be competent. But that is a different conversation.

load more comments (5 replies)

load more comments (1 replies)

load more comments (4 replies)

[-] 2910000@lemmy.world 19 points 2 days ago

I love the flat earther energy in this

[-] LaLuzDelSol@lemmy.world 33 points 2 days ago* (last edited 2 days ago)

Just my perspective as a controls (SCADA engineer):

I work for a large power company. We have close to 100 sites, each with hundreds of IP devices, and have never had a problem with ipv4. Especially when im out in the field I love being able to check IPs, calculate gateways, etc at a glance. Ipv6 is just completely freaking unreadable.

I see the value of outward-facing ipv6 devices (i.e. devices on the internet), considering we are out of ipv4s. But I don't see why we have to convert private networks to ipv6. Put more bluntly: at least industry, it just isn't gonna happen for decades (if it ever does). Unless you need more IPs it's just worse to work with. And there's a huge amount of inertia- got one singular device that doesn't talk ipv6 at a given generation site? What are you supposed to do?

[-] lemming741@lemmy.world 12 points 2 days ago

90% of industrial devices are still 100 Mbit/s.

[-] LaLuzDelSol@lemmy.world 21 points 2 days ago

I mean that's of the ethenet capable ones... a huge chunk are still serial

[-] kieron115@startrek.website 12 points 2 days ago

I was going to say, my friend has to maintain some fucking DOS systems because their ancient embroidery machines only want to talk to software as old as they are, over connections as old as they are.

load more comments (1 replies)

load more comments (7 replies)

[-] thejml@sh.itjust.works 44 points 2 days ago

I use IPv6 every day and everywhere I can. It solves so many issues in large corporate and ISP network setups. And yes 10. Wasn’t big enough, and NATing is a PitA.

Honestly we just keep pushing it off when it’s not that bad. Workaround after workaround just because people are lazy.

load more comments (6 replies)

[-] MissingGhost@lemmy.ml 28 points 2 days ago

I'm surprised by the comments here. I use 90% IPv6. For me v4 is only present for retro compatibility. The transition was hard however.

[-] sudo@lemmy.today 22 points 2 days ago

Was?

It's still in progress..

[-] VonReposti@feddit.dk 18 points 2 days ago

In progress?

I can't even get an IPv6 address, even if I wanted to pay an obscene amount for a business tier.

load more comments (1 replies)

[-] Voyajer@lemmy.world 23 points 2 days ago

CGNATs suck ass though, I had to buy a vps just to access my own network outside my home.

[-] a_wild_mimic_appears@lemmy.dbzer0.com 2 points 1 day ago

Yeah, had the same issue with my ISP, but at least they switched me back to ipv4 after a support call. Didn't want to pay extra for the privilege of not being reachable from the outside anymore.

load more comments (3 replies)

[-] moseschrute@lemmy.ml 10 points 2 days ago

Hi I have no idea what I’m doing when it comes to networking. I have ipv6 off on my home network because I was scared of accidentally exposing things outside of my home network. I’m using Ubiquiti. Can someone give me/link me a crash course on how to setup ipv6 without introducing any security holes into my network? Maybe also a crash course in firewalls.

load more comments (4 replies)

[-] marine_mustang@sh.itjust.works 18 points 2 days ago

C’mon, IPv4 has so many problems. Sure, let’s reserve a whole /8 for a single loopback address, that’s efficient. 🙄

[-] TheFogan@programming.dev 21 points 2 days ago

Well of course, how else would you trick script kiddies that figured out when they DDOSed 127.0.0.1 and learned what a loop back was, and get them again in a few weeks with "ok ok my real address is 127.34.21.2"

load more comments (4 replies)

[-] BootLoop@sh.itjust.works 18 points 2 days ago

I have never started using ipv6 so I'm in the clear here

load more comments