nanog mailing list archives

Re: just seen my first IPv6 network abuse scan, is this the start for more?

From: Seth Mattinen <sethm () rollernet us>
Date: Fri, 03 Sep 2010 17:31:10 -0700

On 9/3/2010 17:12, Owen DeLong wrote:

I was not attempting to defend security through obscurity. It doesn't ultimately help at all.

However, compared to the network and other resource costs of scanning, even at more than a billion pps, I think there 
will be more effective vectors of attack that are more likely to be used in IPv6. In IPv4, an exhaustive scan is 
quite feasible. In IPv6, scanning a single subnet is 4 billion times harder than scanning the entire IPv4 Internet.

My point isn't that hiding hosts in arbitrarily large address space makes them safe. My point is that scanning is not 
the vector by which they are most likely to get discovered.


Even so, it won't stop the uninitiated from scanning the crap out of
IPv6 space.

~Seth

Current thread:

RE: just seen my first IPv6 network abuse scan, is this the startfor more?, (continued)
- - - RE: just seen my first IPv6 network abuse scan, is this the startfor more? Jamie Bowden (Sep 07)
    - Re: just seen my first IPv6 network abuse scan, Joe Greco (Sep 07)
    - Re: just seen my first IPv6 network abuse scan, is this the startfor more? Valdis . Kletnieks (Sep 07)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Owen DeLong (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Bill Bogstad (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Joel Jaeggli (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Owen DeLong (Sep 03)
    - RE: just seen my first IPv6 network abuse scan, is this the start for more? Deepak Jain (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Leo Bicknell (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Owen DeLong (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Seth Mattinen (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Dobbins, Roland (Sep 03)
- Re: just seen my first IPv6 network abuse scan, is this the start for more? Matthias Flittner (Sep 03)
  - Re: just seen my first IPv6 network abuse scan, is this the start for more? Dobbins, Roland (Sep 03)
  - Re: just seen my first IPv6 network abuse scan, is this the start for more? Igor Ybema (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Dobbins, Roland (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Matthias Flittner (Sep 03)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? William Allen Simpson (Sep 04)
    - Re: just seen my first IPv6 network abuse scan, is this the start for more? Joel Jaeggli (Sep 05)