He has UPnP enabled instead of manually port forwarding

>he has UPnP enabled instead of manually port forwarding

Attached: laughing.jpg (258x245, 12K)

Other urls found in this thread:

arstechnica.com/information-technology/2018/11/mass-router-hack-exposes-millions-of-devices-to-potent-nsa-exploit/
twitter.com/NSFWRedditGif

Yes

NAT and PAT are botnet and bloat

NAT and IPV4 are fucking cancer

what is this frog called?

No, I don't.

NAT is better using IPv6 and having all devices internet facing.

Peepee

>he thinks I care about his tinfoil hat opinion

Attached: 1540698488512.gif (480x270, 1000K)

"UPnP isn't horribly insecure and isn't full of vulnerabilities making it incredibly easy to compromise my network. The NSA doesn't have tools that got leaked exploiting these vulnerabilities that wrecked havoc on hundreds of thousands of people"
ok buddy its just a conspiracy lol

>mom, clear my appointments
>i flashed some new firmware on my router and need to re-forward all my ports

Attached: tip.png (1280x720, 533K)

IPv6 is perfectly fine as long as your firewall denies inbound by default. Routing packets and applying stateless firewall rules is a lot faster than NAT, and handles UDP better. Enjoy your consumer potato routers choking and dying when HTTP/3 makes a browser with 50 tabs open functionally equivalent to Bittorrent.

>disable UPnP is as simple as unchecking a box in the router's settings
>forwarding ports so everything works as it did takes 10 minutes and there's websites dedicated to teaching you how to do it
>I don't have to worry about the tons of exploits (people have known how shitty UPnP is since like 2003) like Eternalsilence which was just discovered anymore which the rest of you are vulnerable to.

arstechnica.com/information-technology/2018/11/mass-router-hack-exposes-millions-of-devices-to-potent-nsa-exploit/

is ipv6 a meme? It's 20 year old tech and it's never really been adopted or implemented in a meaningful way

>not connecting your devices directly to the internet

Just set up port knocking sequences you peasants.

FUCK I HOPE THE CHINESE DON'T STEAL MY RARE PEPES

IPv6 is much better than IPv4. The delay in deployment is because network hardware vendors and cloud providers are niggers. That is finally changing.

UPnP exploits have affected hundreds of thousands of people across the globe in some of the most notorious malware campaigns of all time and yesterday it was discovered that millions of routers are vulnerable to the newly discovered Eternalsilence exploit and 50,000 have already been compromised. I thought g had good opsec but your routers are ticking time bombs?

>Enjoy your consumer potato routers choking and dying when HTTP/3 makes a browser with 50 tabs open functionally equivalent to Bittorrent.
My potato router doesn't even notice that shit.
The problems are 100% software. Shit settings chosen by the software maker.

Oh really? Your potato could handle five people times 200 tabs plus a 4K Netflix stream and a couple of Windows updates, all using NAT+UDP in place of TCP? I very much doubt it.

Yes.

How come g is so clueless? Where can I go where people know what they're talking about?

>wrecked

IPv6 is absolutely necessary because we have exhausted the entire IPv4 address space. Although I'd rather not have kids DDoS-ing my HTPC

>IPv6 is absolutely necessary because we have exhausted the entire IPv4 address space.
No, we haven't.
There are large swathes of it that aren't being used, and I'm not talking about network restricted addresses.
We worked around the problem and it was an entirely reasonable solution.

reddit, unironically

If your router isn't vulnerable the only way this can happen is if malware gets onto your computer and opens ports via UPnP, but at that point it's the least of your worries.

The only problem is that it's... Reddit.

Firewall enabled on each client pc + primary server
Antivirus software on client pc's
Ports on router locked down to just essential ones
UPuP on router disabled
Wifi password is hard to guess (not some normal shit word or easy to guess number)

Internet facing services (FTP/Remote media server access) restricted by user/password (which is hard to guess and restricted as well)

I'm pretty secure. No problems or red flags yet

You guys are fucking retarded, read the article, it hardly works on any routers and all it does is let them forward two specific ports that literally nothing runs on so there is nothing for them to exploit.

yes

i'm running the latest OpenWRT so i'm safe nigga

Attached: dab.webm (540x960, 249K)

needing to forward literally anything besides SSH

I like their songs

his parents must be proud

That's a she

uhuh.

unironically Is right.
Reddit may be utter shit in regards to music, series, memes, etc. But is actually nice to discuss objective matters more than an anonymous imageboard. Just read about the utility of distros there and here, and here is just complete nonsense about minimalism or compiling everything, and shit that nobody in the industry cares like if the distro is from people on the US or not, or if the distro has a funny name like Fedora. To be honest this is by far the shitiest board to read stuff about anything in particular, the memes are not even good. Is just "hurrr I'm better ur stupid cuz I'm minimal" and consumer electronic wars.

>using NAT

I'd be proud if I were their parent, stupid fag

Attached: 1543639085217.gif (1023x906, 3.07M)

a she he

jow is that guy any different from your typical arch Linux user?

>not using a convenient feature that saves you 5 seconds

She's not a trap. Her name is nyannyan

>His name is nyannyan
FTFY

It's a huge security issue that's easily exploited

any blog or something that shows this in action?

>he doesn't just expose his main PC to the DMZ

I linked one above, an exploit taken advantage of UPnP was discovered two days ago and compromised 50,000 routers. There's lots of NSA tools that got leaked that use similar exploits. UPnP turns your router into a ticking time bomb

Cellphones use it when possible and fall back to a Carrier-grade NAT when it needs to reach and IPv4 address.

>we have exhausted the entire IPv4 address space.
Not really.
The problem is that during the early stage of the internet, back when nobody could have imagined how large it would get, some companies were given huge class a networks.
Today, they still hold onto them, going full gollum and refusing to give them to anyone else, even though they are not using them themselves.

> He has both on at the same time

Attached: 1543672426203.jpg (572x306, 24K)

So what you're saying is that, like computers, they use whatever is dished out by the network they are on.

>he's autistic

>he cares about security

>he breathes automatically instead of manually choosing when to breath

Attached: 1532896487765.jpg (385x400, 61K)

>discuss objective
>utility of distros
you're actually fucking retarded

So let's recap:
>given huge class a networks
>given
As in:
>gratis transfer of ownership
>ownership
As in:
>they don't have to give it back
So it's:
>unavailable to anyone else
>unavailable
And since all the other /8s are also:
>unavailable
It means that:
>we have exhausted the entire IPv4 address space
So:
>Not really.
Is an irrelevant distinction.

+1
Tragic, but true.

Not really, we haven’t exhausted them if there are more ipv4 addresses.

nah nigga they been used up

This. IPv6 is a much simpler and scalable solution.

lol this thread
everybody are niggers
/thread

did you mean "You're all niggers.", or "Everybody here is a nigger."?
also, you can't /thread yourself

ur mom gay bro