What's new

Skynet Is default firewall good enough?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Yes, I do. We had a long discussion of pros and cons.




Correct. The same applies to other firmware options. If disabled by default - there is a reason.
Essentially, if you are doing it to self-educate and don't mind the potential bump in the road learning curve (experience), then it might be worth the venture to try it out. However, it should be considered whether this is the true experience the user wishes to venture down before attempting such. It should be noted that finding help overcoming learning curves with ipv6 can be just as difficult as deciding not to enable it since there are just as many people for enabling it as there is in opposition of enabling it - Not everyone is talkative in troubleshooting issues with ipv6, so that personal learning experience may be truly that- a personal learning experience.
 
Not everyone is talkative in troubleshooting issues with ipv6, so that personal learning experience may be truly that- a personal learning experience

It's hard to find if it works properly and nothing much the user can do, if it doesn't. We have some half-baked home routers as hardware running custom firmware from a developer with no IPv6 ISP available, on ISPs with different IPv6 implementations, if any. One can learn IPv6 protocol by heart and it won't make any difference. What home users can learn so much? How many sites support IPv6? Google and Facebook mostly. There is a browser plugin to show IPv4/IPv6 connections. Fun to watch. What else is there to learn from experience?
 
It's hard to find if it works properly and nothing much the user can do, if it doesn't. We have some half-baked home routers as hardware running custom firmware from a developer with no IPv6 ISP available, on ISPs with different IPv6 implementations, if any. One can learn IPv6 protocol by heart and it won't make any difference. What home users can learn so much? How many sites support IPv6? Google and Facebook mostly. There is a browser plugin to show IPv4/IPv6 connections. Fun to watch. What else is there to learn from experience?
That is the whole story in a nutshell. It is one of those cannot win with it unless it is something that is truly of benefit to the individual. It really is a personal choice that majority of users probably do not need at this time. I just hope that when it comes time it is not an option, that technology is better equipped with the proper support for it instead of half-baked in.
 
Let's encourage other guys to run IPv6 and observe what happens. Sounds like a plan.

Sorry, but I don't want the hit from China over IPv6 experience on my business networks.
You don't have to look very hard to get hit by China on ipv4 either. In retrospect, here is a good article that exposes some of the myths about how "secure" ipv6 is.
 
My IPv4 door has well known locking mechanism. It stops both traffic in and out in a controllable and predictable way. I don't want my network to be part of Internet.
 
Sorry, I was busy inspecting German autobahns and the electricity issues in Danmark
Taking a walk on the wild side there bro.
 
I could not fully enjoy the autobahn on my way North because someone applied QoS on my rental car and it cut off power before CPU at 100%. In few days though I'm going South on a different hardware. :p
 
I need one free lane only. I'm moving a single packet.
 
Like the IPv6 ban idea.
Ready for another reinvent the ipv6-wheel-megathread?


Those days of high ipv6-adventure!
 
I guess I am “fortunate“ on the IPv6 question. Only one of my ISPs support IPv6 and their support is very lacking so it is disabled on my stuff. So far, I have not encountered a reason to have IPv6 enabled, but then again, I stopped online gaming over 15 years ago.
 
Can't win if you don't play?

It's a bit different gambling game. You play with all your devices and hope no one is going to win access to one or more of them. The dopamine level increases with noname IoT IPv6 capable devices.
 
Here is the filter list i am currently rocking, (and yes any one is welcome to try it.)


View attachment 40880

And I have yet to have a false positive.

I have added this and viktor jaep list to skynet for some time and it just works. Recently I noticed google images search only show whatever is on screen display. When I scroll down the page, other images are not loaded. Going through skynet blocked outbound packets, it seems some Google IP are blocked: 74.125.24.101, 74.125.24.100, 74.125.24.138. After unban these three address all the images are loading properly.
These ip seems to come from this list :
 
I have added this and viktor jaep list to skynet for some time and it just works. Recently I noticed google images search only show whatever is on screen display. When I scroll down the page, other images are not loaded. Going through skynet blocked outbound packets, it seems some Google IP are blocked: 74.125.24.101, 74.125.24.100, 74.125.24.138. After unban these three address all the images are loading properly.
These ip seems to come from this list :
The woes of google domains. Yep there is no guarantee that something wont have to whitelisted from list like that. However, as long as we know how to whitelist, and accepting that something might have to be whitelisted down the road, then everything should be fine. I imagine at somepoint those will get removed from the list as soon as someone reports it to the list maintainer as a false positive.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top