Freenas reachable from the Internet via IPv6?

Status
Not open for further replies.

Spacemarine

Contributor
Joined
Jul 19, 2014
Messages
105
I have a very stupid router from my cable provider that I cannot exchange. In this router I can only activate or disable a firewall for IPv6, meaning everything (besides ICMP) or nothing gets through from the outside.

Since I want to be able to reach my FreeNAS from the outside to use it as PULL for replication, I'd like to disable the firewall and make it reachable. I wonder what the dangers are in that scenario? Because it seems that this is not recommended.

I know that if you are using IPv4, you get thousands of port scans, break-in attempts, etc. But with IPv6, no one can guess your IP address, so unless you use DynDNS, no one knows that you are even there.

What do you think? Did I overlook something? What are the dangers?
 

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,525
I'll answer this because nobody else did. The real short-and-skinny is that making your system available to the outside world via a "fully open" firewall is a very, very bad idea. In short, you need to add a firewall, even if you have to go get a router of your own. Leaving your system fully open is asking for trouble. In the past we've flamed people for questions like this (although it wasn't overly obvious). Just read posts from @RussianMafia. They are pretty funny, but are actually serious words of warning.
 

zoomzoom

Guru
Joined
Sep 6, 2015
Messages
677
It's never recommended to utilize an ISP-provided router on your LAN, and one should always utilize their own router behind the ISP's, with the ISP's connected to the WAN port on the second router. ISPs maintain the ability to remotely access their router, which by default means they have remote access to your LAN. It doesn't matter if the ISP has a policy against remotely accessing the LAN, you don't know the verification process for reps who have the ability, nor does it guarantee a rogue employee utilizing the remote access feature illegally (is that likely, no, however the ability to do so is in place and it should make everyone extremely uncomfortable).

On top of that, corporate espionage is a real thing, and if China and other governments are okay paying billions to commit corporate espionage, how much do you think they would pay to garner access to a dissident's information on their LAN; how much would one pay to an employee to steal information necessary for identity theft? We all keep sensitive information on our PCs/servers on our LAN, from bank statements, medical records, confidential work info/projects, etc., so if one wouldn't readily hand that information over to your ISP in person, why would one allow the ability to digitally garner that information remotely?

An ISP-provided router is only a step up from utilizing public WiFi, and presents a serious privacy issue. ISPs have made this the norm in the past 2 years or so to make it easier to troubleshoot network issues on the customer end; where this obviously provides a benefit to seniors, it is a really, really bad idea. Consumers complain about the US government using PRISM, but in the next breath say they're okay with providing a business unfettered access to their LAN... it defies rational thinking and is quite baffling.
 