Re: IPv6 ranges

[Xu Weilin <mzweilin () gmail com>]

On Mon, Jul 25, 2011 at 4:42 PM, Luis MartinGarcia. <luis.mgarc () gmail com>wrote:

> Hi!
>
> Here are my two cents:
>
> I think we could define "large IPv6 remote network" as a net bigger than
> /96. A /96 is equivalent to the whole IPv4 address space so I guess
> scanning something as big as the current Internet, should be the limit.
> In my opinion, anything bigger than a /96 should make Nmap fatal. Of
> course, we could add something like a --force option, but I really don't
> think that Nmap should only warn users when they request some crazy
> stuff like a /64.

It's reasonable to limit the target network scale before we develop some
effective host discovery methods on remote sites. In a addition, we have
introduced other notations besides CIDR so that it isn't enough if we only
limit the netmask. For example, the scale of '2001::1-ff:1-ff:*/128' is
equal with /96.



> Also, Weilin, if it is easy to do, It would be great if the code that
> handles IPv6 ranges was placed in libnetutil. That way other tools like
> Nping or Ncat could use it.

I'm not familiar with these code at the moment, but I will discuss with
David on the next meeting. Thanks.

-- 
Regards
Xu Weilin 许伟林
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/