[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Search IETF archive

I-D Action: draft-gont-opsec-ipv6-host-scanning-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : Host Scanning in IPv6 Networks
	Author(s)       : Fernando Gont
	Filename        : draft-gont-opsec-ipv6-host-scanning-00.txt
	Pages           : 18
	Date            : 2012-04-19

   IPv6 offers a much larger address space than that of its IPv4
   counterpart.  The standard /64 IPv6 subnets can (in theory)
   accommodate approximately 1.844 * 10^19 hosts, thus resulting in a
   much lower host density (#hosts/#addresses) than their IPv4
   counterparts.  As a result, it is widely assumed that it would take a
   tremendous effort to perform host scanning attacks against IPv6
   networks, and therefore IPv6 host scanning attacks have long been
   considered unfeasible.  This document analyzes the IPv6 address
   configuration policies implemented in most popular IPv6 stacks, and
   identifies a number of patterns in the resulting addresses lead to a
   tremendous reduction in the host address search space, thus
   dismantling the myth that IPv6 host scanning attacks are unfeasible.

A URL for this Internet-Draft is:

Internet-Drafts are also available by anonymous FTP at:

This Internet-Draft can be retrieved at:

I-D-Announce mailing list
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

[IETF]     [IETF Discussion]     [Linux Kernel]