[mythtv] Proposed change to Network Communications
pgbennett at comcast.net
Wed Mar 8 17:32:02 UTC 2017
On 03/08/2017 11:46 AM, Gary Buhrmaster wrote:
> The big difference between the myth protocol and (say)
> ssh is that the latter uses authentication, and the former
> allows any person (who determines your IPv6 address)
> to delete all your content (among other things) without
> anything other than your public IP address.
I think it is unlikely but maybe we don't want to risk it.
> If your Nest thermostat allowed unauthenticated access
> to turn off your heat, would you consider that a security
> vulnerability or not?
> Do not get me wrong, I think IPv6 is the now, and
> IPv4 is legacy/dead. But the myth protocol has been
> regularly stated by the MythTV elders as not being
> public Internet ready, and only with stateful protection
> (or someone who knows how to configure firewall rules)
> should one consider running the device on the public
> Internet. Changing the defaults to run IPv6 publicly
> will require stepping up the other parts of the protocol
> (one mitigation short of authentication might be to set
> the TTL for the myth protocol to something like 3,
> (just like DTCP-IP), which is more or less "in the
> residence" for 98% of the users).
I suppose for maximum security, listening on only link-local addresses
would be safest. Perhaps we should listen on all IPv4 addresses and only
on link-local IPv6 addresses.
> Anyway, I have had my say, if the devs want to
> default to a bind of :: it works for me (since I have
> had appropriate IPv6 protections in place for nearly
> a decade now).
Do you have any advice for the appropriate protections? My router is no
help and I am not a big business with money to spend on firewall devices.
I found some articles on the subject and they say you need to spend big
bucks and that IPv6 is not ready for the home network. Most articles
about IPv6 are addressed to medium-size corporations.
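The two mitigations discussed in this thread, binding IPv6 only to link-local addresses and capping the hop limit the way DTCP-IP does, can both be expressed in a few lines of socket code. The following is an added example written for this archive page; it is not MythTV code and does not reflect how the myth protocol actually selects its bind addresses. The interface address list, the peer addresses and the 2001:db8:abcd:1::/64 prefix are constructed for illustration (2001:db8::/32 is the IPv6 documentation range). It shows three pieces: `select_bind_addresses` implements the "all IPv4, link-local-only IPv6" proposal; `peer_allowed` is a connection-time filter that refuses any peer that could plausibly be on the public Internet unless its prefix is explicitly trusted; `make_listener` sets the outgoing hop limit (IPv6) or TTL (IPv4) on the listening socket, so the SYN-ACK to a distant peer dies in transit before the handshake completes.

```python
"""Bind-address selection, peer filtering and hop-limit capping for an
unauthenticated LAN-only service.

Added example for the discussion above; not MythTV code.  All addresses
and prefixes below are constructed samples.
"""
import ipaddress
import socket
from typing import Iterable, List

# Constructed sample of what a backend host might see on its interfaces.
SAMPLE_INTERFACE_ADDRESSES = [
    "127.0.0.1",
    "192.168.1.20",
    "::1",
    "fe80::1a2b:3c4d:5e6f:7080%eth0",  # link-local: never forwarded by a router
    "fd12:3456:789a:1::20",            # ULA (fc00::/7): routable only inside the site
    "2001:db8:abcd:1::20",             # global address: reachable from the Internet
]

# Address ranges that cannot originate from the public Internet without
# spoofing: loopback, RFC 1918, IPv4 link-local, IPv6 link-local and ULA.
LOCAL_ONLY = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7",
)]


def _strip_scope(addr: str) -> ipaddress._BaseAddress:
    """Parse an address, dropping a zone index such as '%eth0' if present."""
    return ipaddress.ip_address(addr.split("%", 1)[0])


def select_bind_addresses(addrs: Iterable[str]) -> List[str]:
    """The proposal from the thread: bind every IPv4 address, but among IPv6
    addresses bind only link-local (fe80::/10) ones.  Global and ULA IPv6
    addresses are skipped, so no IPv6 listener is reachable beyond the segment."""
    chosen = []
    for a in addrs:
        ip = _strip_scope(a)
        if ip.version == 4 or ip.is_link_local:
            chosen.append(a)
    return chosen


def peer_allowed(peer: str, trusted_prefixes: Iterable[str] = ()) -> bool:
    """Connection-time filter for a service with no authentication of its own.
    Accepts peers in LOCAL_ONLY space or inside an explicitly trusted prefix
    (for example the /64 your ISP delegated to you); rejects everything else."""
    ip = _strip_scope(peer)
    if any(ip in net for net in LOCAL_ONLY):
        return True
    return any(ip in ipaddress.ip_network(p, strict=False) for p in trusted_prefixes)


def make_listener(addr: str, port: int, hop_limit: int = 3) -> socket.socket:
    """Create a TCP listener whose replies carry a small hop limit / TTL.

    Setting IPV6_UNICAST_HOPS (or IP_TTL for IPv4) on the listening socket
    means the SYN-ACK sent to a peer more than `hop_limit` routers away is
    discarded before it arrives, so the handshake never completes.  This is
    the DTCP-IP style mitigation mentioned in the thread; it is a distance
    bound, not authentication.  getaddrinfo handles the '%eth0' zone index a
    link-local bind requires."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    info = socket.getaddrinfo(addr, port, family, socket.SOCK_STREAM, 0,
                              socket.AI_PASSIVE | socket.AI_NUMERICHOST)
    family, socktype, proto, _, sockaddr = info[0]
    s = socket.socket(family, socktype, proto)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    if family == socket.AF_INET6:
        s.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 1)
        s.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_UNICAST_HOPS, hop_limit)
    else:
        s.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, hop_limit)
    s.bind(sockaddr)
    s.listen(5)
    return s


if __name__ == "__main__":
    print("bind to:", select_bind_addresses(SAMPLE_INTERFACE_ADDRESSES))
    for peer in ("192.168.1.50", "fe80::dead:beef%eth0",
                 "2001:db8:abcd:1::99", "2001:db8:ffff::1"):
        print(peer, "->", "accept" if peer_allowed(
            peer, ["2001:db8:abcd:1::/64"]) else "reject")
    try:
        lst = make_listener("::1", 0, hop_limit=3)
        print("listening on", lst.getsockname())
        lst.close()
    except OSError as exc:
        print("could not bind an IPv6 listener here:", exc)
```

Two caveats a practitioner would want. First, the hop-limit cap only bounds how far away an attacker can be; on Linux the accepted sockets inherit the option from the listener, but anyone within three hops (other customers behind the same ISP aggregation router, for instance) still gets a completed connection to an unauthenticated service. Second, `peer_allowed` checks the source address, which an on-path attacker can spoof for a one-way blind attack, so neither replaces a stateful firewall rule on the router that simply drops unsolicited inbound traffic to the backend's port.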