[86701] in North American Network Operators' Group


Re: a record?

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Mon Nov 14 19:23:38 2005

From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Gadi Evron <ge@linuxbox.org>
Cc: Jeroen Massar <jeroen@unfix.org>, Randy Bush <randy@psg.com>,
	nanog@nanog.org
In-Reply-To: Your message of "Tue, 15 Nov 2005 01:23:16 +0200."
             <43791C64.4050500@linuxbox.org> 
Date: Mon, 14 Nov 2005 19:23:09 -0500
Errors-To: owner-nanog@merit.edu


In message <43791C64.4050500@linuxbox.org>, Gadi Evron writes:
>

>You don't have to scan an entire /64 ( :) ).
>
>You can sniff network traffic and see what IP addresses you see, then 
>scan only close ranges to those.
>You can create a DB or download one, with addresses of known used spaces.
>
>You can throw out thousands of random packets, finding used spaces.
>
>You can do a lot of things, some smarter and mathematical, others just 
>sensible. If I could come up with 3 silly solutions in 2 seconds, I bet 
>the Bad Guys will do far better when the time comes, if it ever does. I 
>am of a mind that we need IPv-NEXT-ONE (or whatever) to deal with actual 
>problems before we undertake IPv6, but that's just an opinion and 
>therefore completely wrong.

Yes.  Angelos Keromytis, Bill Cheswick, and I have a paper on this that 
will be out shortly.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb


