Re: Interesting paper by Steve Bellovin - Worm propagation in a v6 internet

[kx <kxmail () gmail com>]

On nmap:

> Even given the sheer size of v6 space some of the other traits noted
> by SMB - like the tendency of network equipment to be clustered in the
> first few bits of a /48, and possibly observing new v6 netblocks get
> announced and routed might be used by someone to make intelligent
> guesses.
>
> And nmap can probably be hacked into doing that kind of scanning.

http://www.insecure.org/nmap/man/man-target-specification.html

For Internet-wide surveys and other research, you may want to choose
targets at random. ... Undesirable IPs such as those in certain
private, multicast, or unallocated address ranges are automatically
skipped.

> I rather suspect that the portscanning will grow to keep pace with the
> actual number of v6 connected hosts.
> > On 2/14/06, Mohacsi Janos <mohacsi () niif hu> wrote:
> > In the 6NET project we identified, that exhaustive search in IPv6 is not
> > feasible (e.g. nmap does not support it for IPv6), but there are also

nmap's limited IPv6 - as well as IPv6 in IPv4 and all those other
flavors - support is due to the fact that it is not in as high demand
for support as IPv4.

However:

http://seclists.org/lists/nmap-hackers/2006/Jan-Mar/0001.html

MOVING FORWARD:

With this stable version out of the way, we plan to dive headfirst
into the next development cycle. Many exciting features are in the
queue, including a next-generation OS detection system. We also plan
to launch the 2006 Nmap User Survey in February, to learn what
features you want most.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev