#11629 NORM xs-0.7: XS has no IPv6 firewall but runs IPv6 listening services
Zarro Boogs per Child
bugtracker at laptop.org
Wed Feb 15 00:01:17 EST 2012
#11629: XS has no IPv6 firewall but runs IPv6 listening services
---------------------------+------------------------------------------------
Reporter: greenfeld | Owner: martin.langhoff
Type: defect | Status: new
Priority: normal | Milestone: xs-0.7
Component: school server | Version: Development build as of this date
Keywords: | Next_action: diagnose
Verified: 0 | Deployment_affected:
Blockedby: | Blocking:
---------------------------+------------------------------------------------
The schoolserver has no IPv6 firewall defined but runs IPv6-listening
services.
The services that listen for anyone to connect to them on IPv6 appear to
be rsync, SSH, and NTP.
This is a local subnet risk with anything else connected on the fe80::
subnet, and a remote risk if we get an IPv6 address via auto-configuration
(net.ipv6.conf.*.autoconf is enabled) and/or possibly via DHCP.
Seen with XS-0.7 beta 1, but present in XS-0.6 with a smaller set of
IPv6-capable services.
--
Ticket URL: <http://dev.laptop.org/ticket/11629>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system
More information about the Bugs
mailing list