nanog mailing list archives
Re: a record?
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Mon, 14 Nov 2005 19:23:09 -0500
In message <43791C64.4050500 () linuxbox org>, Gadi Evron writes:
You don't have to scan an entire /64 ( :) ). You can sniff network traffic and see what IP addresses you see, then scan only close ranges to those. You can create a DB or download one, with addresses of known used spaces. You can throw out thousands of random packets, finding used spaces. You can do a lot of things, some smarter and mathematical, others just sensible. If I could come up with 3 silly solutions in 2 seconds, I bet the Bad Guys will do far better when the time comes, if it ever does. I am of a mind that we need IPv-NEXT-ONE (or whatever) to deal with actual problems before we undertake IPv6, but that's just an opinion and therefore completely wrong.
Yes. Angelos Keromytis, Bill Cheswick, and I have a paper on this that will be out shortly. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- a record? Randy Bush (Nov 14)
- Re: a record? Jeroen Massar (Nov 14)
- Re: a record? Gadi Evron (Nov 14)
- Re: a record? Jeroen Massar (Nov 14)
- Re: a record? Gadi Evron (Nov 14)
- Re: a record? Steven M. Bellovin (Nov 14)
- Re: a record? Kevin Loch (Nov 14)
- Re: a record? Rob Thomas (Nov 14)
- Re: a record? Randy Bush (Nov 14)
- Re: a record? Dan Hollis (Nov 14)
- Re: a record? Gadi Evron (Nov 14)
- Re: a record? Jeroen Massar (Nov 14)
- Re: a record? william(at)elan.net (Nov 14)
- Re: a record? Matthew Sullivan (Nov 14)
- Re: a record? Frank Louwers (Nov 15)
- Re: a record? John Levine (Nov 15)