Nmap Development mailing list archives
Re: [NSE] whois.nse
From: doug () hcsw org
Date: Mon, 11 Aug 2008 13:47:42 -0700
On Wed, Aug 06, 2008 at 06:54:47AM +0000 or thereabouts, Brandon Enright wrote:
> Regarding the IPv6 /32 cache, you should probably cache at /48 as that is the size being assigned to organizations. /32s are going to RIRs -- and being chopped into 65536 /48s. Seems like a more logical cache boundary to me.
In IPv4 one way to increase the cost of performing a DDoS attack on a webserver is of course to limit the number of connections possible from one IP to some low number like 2 (default number a browser will open to a vhost) or 4 (two browsers behind NAT). But with IPv6 anyone who can fill out a web form can get more IPv6 addresses than there are IPv4 addrs! So what is the best practice for doing this with IPv6? Limiting by /48s sounds good but I worry about whole organisations being subject to limits rather than just individual nodes--the NAT problem all over again.

Doug
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
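The trade-off raised in this message, as an added example that is not part of the original thread or of whois.nse: a per-client connection limiter that counts IPv4 clients by address and IPv6 clients by enclosing prefix. The names `limit_key` and `ConnLimiter`, the limit of 4 and the sample addresses (taken from the 2001:db8::/32 documentation range) are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

def limit_key(addr, v6_prefix=48):
    """Map a client address to the key its connections are counted under."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped              # ::ffff:a.b.c.d counts as the IPv4 host
    if ip.version == 4:
        return str(ip)                   # IPv4: one key per address
    # IPv6: collapse the address to its enclosing prefix (assumed /48 here)
    return str(ipaddress.IPv6Network(f"{ip}/{v6_prefix}", strict=False))

class ConnLimiter:
    """Caps concurrent connections per key (hypothetical helper class)."""
    def __init__(self, max_conns=4, v6_prefix=48):
        self.max_conns = max_conns
        self.v6_prefix = v6_prefix
        self.active = Counter()

    def open(self, addr):
        key = limit_key(addr, self.v6_prefix)
        if self.active[key] >= self.max_conns:
            return False                 # budget for this key is used up
        self.active[key] += 1
        return True

    def close(self, addr):
        key = limit_key(addr, self.v6_prefix)
        if self.active[key] > 0:
            self.active[key] -= 1
        if self.active[key] == 0:
            del self.active[key]         # keep the table from growing forever

def demo():
    # Constructed sample: five hosts in one /48 of the documentation prefix,
    # then one host in a neighbouring /48.
    same_site = [f"2001:db8:aaaa:{n:x}::1" for n in range(1, 6)]
    per_48 = ConnLimiter(max_conns=4, v6_prefix=48)
    per_addr = ConnLimiter(max_conns=4, v6_prefix=128)
    return {
        "per_48": [per_48.open(a) for a in same_site],
        "per_48_other_site": per_48.open("2001:db8:aaab::1"),
        "per_addr": [per_addr.open(a) for a in same_site],
    }

if __name__ == "__main__":
    print(demo())
```

With the /48 key the fifth host at the same site is refused even though it has opened nothing itself, while the per-address key never refuses anyone who keeps changing address inside the prefix.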