Comment by theamk
18 days ago
No, that's the whole point.
Imagine I've shared output of "ifconfig" on my machine, or "netstat" output, or logs for some network service which listed local addresses.
For IPv4, this will is totally fine and leaks minimal information. For IPv6, it'll be a global, routable address.
That's a pretty weird threat model. Like, yeah commands you run on your machine can expose information about that machine.
Only in IPv6 world... in IPv4, it's all safe
Nope, iproute can still show your Mac address. And a curl ipinfo.io can show your public v4 address.
2 replies →
Especially as if someone is able to capture ifconfig data, they can probably send a curl request to a malicious web server and expose the NAT IP as well.
Just because you can think of scenarios where the IPv4 setup doesn't make a different doesn't discount that there are scenarios where it does.
Someone being able to observer some state is a different model from someone being able to perform actions on the system and the former has many more realistic scenarios in addition to the ones of the latter.
People post their ifconfig data all the time, example: https://forums.linuxmint.com/viewtopic.php?t=402315
Or if you happened to curl ipinfo
Or if you had a script that did that and put the public v4 address in your taskbar.
1 reply →