Re: IPv6 Security Scanner

[Nicob <nicob () nicob net>]

Le lundi 13 février 2006 à 20:40 +0000, dgoodrum () nfr com a écrit :

> The jist of the project I'm working on started because there is a
> belief that when IPv6 rolls out, active scanning will become a thing
> of the past due to the large number of potential addresses on a given
> subnet.  i.e. the smallest IPv6 subnet address range is millions of
> times larger than the entire IPv4 address range, implying that it will
> take a VERY VERY long time to scan the full address range.  So, rather
> than actively scan a range looking for hosts to check for
> vulnerabilities, we're hoping to solve the problem by passively
> finding IP addresses as soon as they talk on the network and then
> triggering the scan.  Comments on these assertions/ideas are very
> welcome.

Bellowin, Cheswick and Keromytis just published a paper about which
strategies a worm could use to scan a IPv6 network for live hosts :

        http://www.cs.columbia.edu/~smb/papers/v6worms.pdf


-- 
Nicob
Hey, I'm looking for a pen-tester job (France or telecommuting) 


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------