a record?

• Previous message (by thread): a record?
• Next message (by thread): a record?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jeroen Massar wrote:
> Gadi Evron wrote:
> 
>>>Other solution: disable IPv4 SSH and enable the IPv6 one, no scanning on
>>>that plane ;)
>>
>>Yet.
> 
> 
> Enjoy scanning, even I and I guess the rest of this list will be long
> time retired and sipping pina coladas and other good stuff (hot
> chocolate milk with whipcream and baileys anyone? :) in hawaii or some
> other heavenly place the day that the hardware and pipes are available
> to scan a single /64 efficiently.
> 
> It's easier & faster to google or use logs* for working hosts ;)
> 
> Greets,
>  Jeroen
> 
> * = maybe RFC3041 does have a use as that makes these IP's 'random' and
> thus sort of useless unless one attacks directly...

Not to start a huge pointless discussion, but I have a few thoughts on this:

You don't have to scan an entire /64 ( :) ).

You can sniff network traffic and see what IP addresses you see, then 
scan only close ranges to those.
You can create a DB or download one, with addresses of known used spaces.

You can throw out thousands of random packets, finding used spaces.

You can do a lot of things, some smarter and mathematical, others just 
sensible. If I could come up with 3 silly solutions in 2 seconds, I bet 
the Bad Guys will do far better when the time comes, if it ever does. I 
am of a mind that we need IPv-NEXT-ONE (or whatever) to deal with actual 
problems before we undertake IPv6, but that's just an opinion and 
therefore completely wrong.

Don't count any of today's trouble out.. even if we all did use IPv6. 
Besides, with IPv6 it is my understanding we will have far larger issues 
to contend with.

	Gadi.

• Previous message (by thread): a record?
• Next message (by thread): a record?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]