this post was submitted on 30 Jul 2023
17 points (100.0% liked)

IPv6

317 readers
3 users here now

IPv6 Discussions

founded 1 year ago
MODERATORS
 

Their new modem/router doesn't support opening ports in the ipv6 firewall, so if you want to open ports, they recommend disabling ipv6 entirely. For ipv4, they no longer support forwarding ports from only specific source addresses either, which is way less secure. You can only forward ports from all source addresses. You also have to use their crappy app to add port forward rules, it's no longer available in the web ui. You can completely disable the ipv6 firewall in the web ui, but that wouldn't be safe.

Old motorola modem/routers could do all of the above.

It says it can do bridge mode at least, but it seems silly to need 2 devices just to open ipv6 ports.

How are routers being made now in 2023 that don't have proper ipv6 support? It seems crazy to me.

you are viewing a single comment's thread
view the rest of the comments
[–] adlr 3 points 1 year ago

My view on this, at least for higher end devices like laptops, tablets, phones, etc, is that the OS must be secure to threats already because they all support cellular connections, where you will not have a home router to block incoming connections. IOT is, of course, a different story.

The other thing we should all hopefully know is that a lot of threat vectors don't involve incoming connections. Browser zero days, for example.

BTW, all that said, I still don't see why Xfinity can't just provide a better set of knobs on the firewall.