IPv6 and localhost

Wolfgang S. Rupprecht wolfgang.rupprecht+gnus200901 at gmail.com
Sat Jan 31 01:38:14 UTC 2009


Bill Davidsen <davidsen at tmr.com> writes:
> Wolfgang S. Rupprecht wrote:
>> Allen Kistler <an037-ooai8 at yahoo.com> writes:
>>> So the question really is:  Is there a reason localhost is not both
>>> the IPv4 loopback and the IPv6 loopback (*other* than hiding some bugs
>>> in some programs)?  Or should Fedora (and eventually Red Hat) change
>>> the default /etc/hosts shipped/created with anaconda?
>>
>> One of the first things I do on an install is get rid of the lame
>> distribution /etc/hosts file.  I've done this since fc4 and fedora,
>> just like netbsd and openbsd has no need for the silly targeted
>> localhost names.  The other silly thing is the "localhost.localdomain"
>> entry coming first.  Really, what is that about???  "localhost" has
>> worked just fine for over 2 decades.  Software understands it.  What
>> advantage is there to rocking the boat?
>>
> Using the hosts file for the local name and the names of a few useful
> hosts is protection against some fascist ISP deciding to block or DNAT
> all DNS queries to the ISP servers. So they can block lookup of sites
> they deem harmful.

Oh, I guess I wasn't clear.  I have a hosts file, I just object to the
silly localhosts entries in the stock fedora one.  (Especially the
fact that the silly localhost*.localdomain name is first.)

I've never liked using ISP's nameservers.  They never seem to be set
up right and are usually very old and buggy.  Luckily I haven't been
subjected to an ISP that blocks or steals port-53.  If they did I'd
certainly raise an unholy stink.  

As an aside I wonder if stealing and re-transmitting forged 53/udp and
53/tcp packets in a man-in-the-middle attack is the sort of attack the
wiretap laws were meant to protect against.  From what I understand,
organized crime used to cut the analog telephone wires tap in and
retransmit their own version of the signal in order perpetrate fraud.
Stealing mouse clicks by re-routing traffic for some hostnames strikes
me as a much milder form of the same fraud.

-wolfgang
-- 
Wolfgang S. Rupprecht              http://www.full-steam.org/  (ipv6-only)
         You may need to config 6to4 to see the above pages.




More information about the users mailing list