Re: Article: IPv6 host scanning attacks

[Dave Hart <davehart () gmail com>]

On Wed, Jun 13, 2012 at 5:42 PM, Fernando Gont wrote:
> On 06/13/2012 02:28 PM, Dave Hart wrote:
>
> > > The aforementioned article is available at:
> > > <http://searchsecurity.techtarget.com/tip/Analysis-Vast-IPv6-address-space-actually-enables-IPv6-attacks>
> >
> > >
> > "published" and "available" are misleading at best.
>
> It is not. Just scroll down the page, and you'll find the whole article.
> -- it was easy to talk crap than to do that, right?

Yes, I'm an idiot for believing what I read on that site:

"Requires Free Membership to View"

Of course I should have expected that means "scroll past me and the
page of whitespace to view."

> > > (FWIW, it's a human-readable version  of the IETF Internet-Draft I
> > > published a month ago or so about IPv6 host scanning (see:
> > > <http://tools.ietf.org/html/draft-gont-opsec-ipv6-host-scanning>))
> >
> > I guess I'll take a look at this to see what you're smoking.
>
> I find it amazing the number of people that will talk crap when one
> publishes something when compared to the number of people that provides
> technical comments or criticism (even if it's "you're completely wrong
> because of this and that).

The draft and the article raise valid points about the predictability
of widely-used MAC-derived IIDs, but it does not in any way justify
the headline "Analysis: Vast IPv6 address space actually enables IPv6
attacks."  Whomever wrote that should share their stash.

Cheers,
Dave Hart