On Tue, 18 Dec 2007 12:14:52 +0100 Iljitsch van Beijnum <[EMAIL PROTECTED]> wrote:
> On 18 dec 2007, at 6:37, Steven M. Bellovin wrote: > > > In a slightly more realistic vein, a huge address space makes life > > harder for scanning worms. As Angelos Keromytis, Bill Cheswick, > > and I have pointed out, "harder" is by no means equivalent to > > "impossible", but the myth, new as it is, still propagates. > > I'd say that the huge address space makes life impossible for > scanning worms. Right, by simple arithmetic. > > That doesn't mean that there can be no successful scanning at all > with IPv6, but it needs to be highly targeted if you want results the > same year, so just pumping random numbers in the destination address > field like SQL slammer did so successfully doesn't cut it in IPv6. See http://www.cs.columbia.edu/~smb/papers/v6worms.pdf --Steve Bellovin, http://www.cs.columbia.edu/~smb