[101109] in North American Network Operators' Group
Re: European ISP enables IPv6 for all?
daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Tue Dec 18 06:21:51 2007
Cc: "Christopher Morrow" <morrowc.lists@gmail.com>,
"Sean Siler" <Sean.Siler@microsoft.com>,
"nanog@merit.edu" <nanog@merit.edu>
From: Iljitsch van Beijnum <iljitsch@muada.com>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
In-Reply-To: <20071218003710.2f0877e3@cs.columbia.edu>
Date: Tue, 18 Dec 2007 12:14:52 +0100
Errors-To: owner-nanog@merit.edu
On 18 dec 2007, at 6:37, Steven M. Bellovin wrote:
> In a slightly more realistic vein, a huge address space makes life
> harder for scanning worms. As Angelos Keromytis, Bill Cheswick, and I
> have pointed out, "harder" is by no means equivalent to "impossible",
> but the myth, new as it is, still propagates.
I'd say that the huge address space makes life impossible for scanning
worms.
That doesn't mean that there can be no successful scanning at all with
IPv6, but it needs to be highly targeted if you want results the same
year, so just pumping random numbers in the destination address field
like SQL slammer did so successfully doesn't cut it in IPv6.
