Also see https://www.cs.columbia.edu/~smb/papers/v6worms.pdf (Worm propagation strategies in an IPv6 Internet. ;login:, pages 70-76, February 2006.)
On Apr 20, 2012, at 3:08 50AM, Fernando Gont wrote: > FYI > > -------- Original Message -------- > Subject: IPv6 host scanning in IPv6 > Date: Fri, 20 Apr 2012 03:57:48 -0300 > From: Fernando Gont <fg...@si6networks.com> > Organization: SI6 Networks > To: IPv6 Hackers Mailing List <ipv6hack...@lists.si6networks.com> > > Folks, > > We've just published an IETF internet-draft about IPv6 host scanning > attacks. > > The aforementioned document is available at: > <http://www.ietf.org/id/draft-gont-opsec-ipv6-host-scanning-00.txt> > > The Abstract of the document is: > ---- cut here ---- > IPv6 offers a much larger address space than that of its IPv4 > counterpart. The standard /64 IPv6 subnets can (in theory) > accommodate approximately 1.844 * 10^19 hosts, thus resulting in a > much lower host density (#hosts/#addresses) than their IPv4 > counterparts. As a result, it is widely assumed that it would take a > tremendous effort to perform host scanning attacks against IPv6 > networks, and therefore IPv6 host scanning attacks have long been > considered unfeasible. This document analyzes the IPv6 address > configuration policies implemented in most popular IPv6 stacks, and > identifies a number of patterns in the resulting addresses lead to a > tremendous reduction in the host address search space, thus > dismantling the myth that IPv6 host scanning attacks are unfeasible. > ---- cut here ---- > > Any comments will be very welcome (note: this is a drafty initial > version, with lots of stuff still to be added... but hopefully a good > starting point, and a nice reading ;-) ). > > Thanks! > > Best regards, > > --Steve Bellovin, https://www.cs.columbia.edu/~smb
