[129367] in North American Network Operators' Group
Re: just seen my first IPv6 network abuse scan,
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Sep 3 14:04:18 2010
From: Owen DeLong <owen@delong.com>
To: "Dobbins, Roland" <rdobbins@arbor.net>
In-Reply-To: <B2ADB949-9271-46BB-BC45-C6C6111E8257@arbor.net>
Date: Sat, 4 Sep 2010 03:33:24 +0930
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Sent from my iPad
On Sep 3, 2010, at 11:19 PM, "Dobbins, Roland" <rdobbins@arbor.net> =
wrote:
>=20
> On Sep 3, 2010, at 7:58 PM, Owen DeLong wrote:
>=20
>> However, scanning in IPv6 is not at all like the convenience of =
comprehensive scanning of the IPv4 address space.
>=20
>=20
> Concur, but I still maintain that lots of illicit automation plus =
refined scanning via DNS, et. al. is a viable practice.
>=20
Care to elaborate? I'm betting you could find a handful of hosts on my =
network that are published in DNS (in which case you either already had =
their names, so, not sure what the scan does for you). I bet you would =
not easily find the rest.
The prefix is 2620:0:930::/48. Have fun, you have my permission to sweep =
the address space twice. If we are still alive when you think you found =
everything, or, enough to have learned something from scanning that is =
meaningful and couldn't have been learned without scanning, send me your =
information and I'll let you know how well you did.
Owen
> =
-----------------------------------------------------------------------
> Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>=20
> Sell your computer and buy a guitar.
>=20
>=20
>=20
>=20
