Isn't it a huge security issue to include the MAC address inside of an IPv6 address by default

security privacy ipv6

Solution 1:

Whether or not it is a 'major concern' is a point of opinion, but this idea has been had before, and resulted in action. Microsoft itself proposed an RFC to cover just this. RFC 4941, Privacy Extensions for Stateless Address Autoconfiguration in IPv6 (Sept, 2007). IIRC, Windows defaults to use this, the Linux IPv6 stack has this as an option (your distro-of-choice may already set it by default), and OS X 10.6 also has support. That's a very large portion of end-user devices right there.

Solution 2:

Yes, that is a concern, and it is the reason some operating systems intentionally do not use the EUI-64 standard, preferring to use random data for the last 64 bits of their address.

Related

SSH: Do you use one private/public key pair for each remote machine? Or a single pair for all?
How to enforce dnsmasq to use an upstream dns server only for some specified domain names?
Mysql crashed and won't start up
Is it possible to have sshd accept passwords only on certain ports?
Should I append a dot (.) at the end of my DNS urls?
How do I remove a server-added header from proxied location?
How to kill a <defunct> process with parent 1
Why does it take seconds to obtain IP address via DHCP?
How to send running process to background?
Ansible: How to run one Task Host by Host?
Could not resolve host: mirrorlist.centos.org Centos 7
scp files and delete files on remote directory [closed]