[135481] in North American Network Operators' Group
Re: Using IPv6 with prefixes shorter than a /64 on a LAN
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Tue Jan 25 21:29:54 2011
From: Roland Dobbins <rdobbins@arbor.net>
In-Reply-To: <4D3F74F6.4010506@gont.com.ar>
Date: Wed, 26 Jan 2011 09:29:34 +0700
To: nanog group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 26, 2011, at 8:12 AM, Fernando Gont wrote:
> Also, the claim that "IPv6 address scanning is impossible" is =
generally based on the (incorrect) assumption that host addresses are =
spread
> (randomly) over the 64-bit IID. -- But they usually aren't.
It also doesn't take into account hinted scanning via routing table =
lookups, whois lookups, and walking reverse DNS, not to mention making =
use of ND mechanisms once a single box on a given subnet has been =
successfully botted.
------------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Most software today is very much like an Egyptian pyramid, with millions
of bricks piled on top of each other, with no structural integrity, but
just done by brute force and thousands of slaves.
-- Alan Kay
