[125999] in North American Network Operators' Group
Re: the alleged evils of NAT, was Rate of growth on IPv6 not fast
daemon@ATHENA.MIT.EDU (Matthew Kaufman)
Wed Apr 28 00:00:38 2010
Date: Tue, 27 Apr 2010 20:59:12 -0700
From: Matthew Kaufman <matthew@matthew.at>
To: James Hess <mysidia@gmail.com>
In-Reply-To: <n2u6eb799ab1004271636w8a428d16y3880188792323903@mail.gmail.com>
Cc: nanog@nanog.org
Reply-To: matthew@matthew.at
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
James Hess wrote:
>
>
> Fortunately, the IPv6 address space is so large and sparse, that
> scanning it would be quite a feat, even if a random outside attacker
> already knew for a fact that a certain /64 probably contains a
> vulnerable host.
All I need to do is run a popular web site on the IPv6 Internet, and I
get all the addresses of connected hosts I want. That
address-space-scanning is hard is nearly irrelevant.
Matthew Kaufman
