nanog mailing list archives
Re: Failure modes: NAT vs SPI
From: Joel Jaeggli <joelja () bogus com>
Date: Thu, 10 Feb 2011 22:40:05 -0800
On 2/10/11 7:53 AM, Lamar Owen wrote:
On Monday, February 07, 2011 04:33:23 am Owen DeLong wrote:1. Scanning even an entire /64 at 1,000 pps will take 18,446,744,073,709,551 seconds which is 213,503,982,334 days or 584,542,000 years. I would posit that since most networks cannot absorb a 1,000 pps attack even without the deleterious effect of incomplete ND on the router, no network has yet had even a complete /64 scanned. IPv6 simply hasn't been around that long.Sounds like a job for a 600 million node botnet. You don't think this hasn't already crossed botnet ops minds?
There are more useful things to do with the compute cycles...
Current thread:
- Re: quietly...., (continued)
- Re: quietly.... Blake Dunlap (Feb 04)
- Re: quietly.... Jay Ashworth (Feb 04)
- Re: quietly.... Jack Bates (Feb 03)
- Re: quietly.... david raistrick (Feb 03)
- Failure modes: NAT vs SPI Jay Ashworth (Feb 03)
- Re: Failure modes: NAT vs SPI Iljitsch van Beijnum (Feb 03)
- Message not available
- Re: Failure modes: NAT vs SPI Iljitsch van Beijnum (Feb 07)
- Re: Failure modes: NAT vs SPI Owen DeLong (Feb 07)
- Re: Failure modes: NAT vs SPI Lamar Owen (Feb 10)
- Re: Failure modes: NAT vs SPI Owen DeLong (Feb 10)
- Re: Failure modes: NAT vs SPI Joel Jaeggli (Feb 10)
- Re: Failure modes: NAT vs SPI Jay Ashworth (Feb 07)
- Re: Failure modes: NAT vs SPI Valdis . Kletnieks (Feb 07)
- Re: Failure modes: NAT vs SPI Jack Bates (Feb 07)
- Re: Failure modes: NAT vs SPI Iljitsch van Beijnum (Feb 07)
- Re: quietly.... Iljitsch van Beijnum (Feb 03)
- Re: quietly.... Jon Lewis (Feb 03)
- Re: quietly.... Iljitsch van Beijnum (Feb 03)
- RE: quietly.... Matthew Huff (Feb 03)
- Re: quietly.... Jack Bates (Feb 03)
- Re: quietly.... Matthew Palmer (Feb 03)