56
OpenPrinting News Flash - cups-browsed Remote Code Execution vulnerability
(openprinting.github.io)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
ipv6 doesn't give the NAT. A malicious website can mount the attack.
How?
Say I host a malicious server with ipv6 only. You visit the site without NAT. I get your ip and ip:631 is open (unless firewall and listen is restricted to prefix). Usual attack afterwards.
Edit: You need to have ipv6, for example many mobile networks.
I have full IPv6, none of my ports that I haven't explicitly whitelisted in the firewall can be accessed from the Internet. I can open a host completely, but it's not default. This is on the most common brand of consumer routers here.
Just because it's not NATted doesn't mean there's no firewall in place.
Yeah ofcourse firewall is the good idea here. I personally have firewall on on every device so that I can manage what can connect and from where.
The point is though often people just disable firewalls (some distros do not install/enable by default too) to workarround certain issues quickly like kdeconnect not connecting, bridge not working and such. That's how I think the whole 'ipv4 NAT is the best (consumer) firewall' concept came popular.