a record?
Steven M. Bellovin
smb at cs.columbia.edu
Tue Nov 15 00:23:09 UTC 2005
In message <43791C64.4050500 at linuxbox.org>, Gadi Evron writes:
>
>You don't have to scan an entire /64 ( :) ).
>
>You can sniff network traffic and see what IP addresses you see, then
>scan only close ranges to those.
>You can create a DB or download one, with addresses of known used spaces.
>
>You can throw out thousands of random packets, finding used spaces.
>
>You can do a lot of things, some smarter and mathematical, others just
>sensible. If I could come up with 3 silly solutions in 2 seconds, I bet
>the Bad Guys will do far better when the time comes, if it ever does. I
>am of a mind that we need IPv-NEXT-ONE (or whatever) to deal with actual
>problems before we undertake IPv6, but that's just an opinion and
>therefore completely wrong.
Yes. Angelos Keromytis, Bill Cheswick, and I have a paper on this that
will be out shortly.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list