I do know there is some security risks involved with ICMP for IPv4 protocols, for example spoofing, etc. But, what I don't know is, do these security risks apply to new standards, such as ICMP for IPv6 protocol? I have read that disabling ICMP for IPv6 isn't as good of an idea, as it is for IPv4, due to the requirements it needs for it to run fully operational. Not sure if that is entirely true or not, which is why I come here to ask the more knowledgeable on this matter. Is ICMP for IPv6 a security risk? Should it be disabled or enabled? I might want to add, I'm using IPv6 under a home based network. Anyways, any feedback is greatly appreciated, Thanks
http://www.internet2.edu/presentations/tip2013/20130116-Navaneethan-ipv6.pdf https://www.ietf.org/rfc/rfc4890.txt
Anti-spoofing rules are quite easy to make. On Windows, COMODO has a simple checkbox for that Do you need ICMP at all?
There are several myths about ICMP/IGMP with IPv6, I think most of them are well explained over here. Generally I wouldn't block it. I suggest you configure it for your user needs, I don't know about which of them we talking about (which type?) so I guess this is a general question. There are also several tools/guide especially on gibson research corparation to test your firewall and get a lot of iinformation about the network protocols and his weaknesses.
I asked about this on Emsisoft forum since there is so much mis-\dis- information regarding network security and IPv6. The reply was for home network - even with router - is to set firewall profile to Public for increased protection. Other than that, a home user has no need to create some type of over-the-top network configuration - unless you are Enemy of the State. In that case, you should run and never stop... LOL.
I learned it's more needed for IPv6 and less necessary on IPv4 connections, so I configured it as recommended (ICMP enabled for IPv6, ICMP disabled for IPv4). Also, thank you all for your replies, it was very helpful.
