Interesting paper by Steve Bellovin - Worm propagation in a v6 internet
Mark Andrews
Mark_Andrews at isc.org
Wed Feb 15 03:09:25 UTC 2006
> On Wed, 15 Feb 2006, Mark Andrews wrote:
>
> > One of method missing is doing top down random walks of ip6.arpa.
>
> That's only easy if delegation were on a per-nybble basis, which is commonly
> not the case. Because there are not typically NS's at every nybble level,
> you have to do more than one hex digit's worth of randomness in the scan in
> order to find a next-level delegation, increasing the cost of scanning that
> namespace quite a bit.
>
> (Having delegations at every nybble level would be ... alarming at best,
> given the amount of PTR redirection that implies. :)
>
> --
> -- Todd Vierling <tv at duh.org> <tv at pobox.com> <todd at vierling.name>
A simple demonstation program. Don't run it for too long
as we don't really want to beat on WIDE's servers.
Mark
#!/bin/sh
qname=1.0.0.2.ip6.arpa
depth=4
try() {
local newqname
local oldqname
local l
oldqname=$qname
for l in 0 1 2 3 4 5 6 7 8 9 a b c d e f
do
newqname=$l.$oldqname
echo trying $newqname
dig +noques ptr $newqname > /tmp/$$xxx
grep PTR /tmp/$$xxx
if grep NOERROR /tmp/$$xxx > /dev/null
then
qname=$newqname
if test $depth -lt 31
then
depth=`expr $depth + 1`
try
depth=`expr $depth - 1`
fi
fi
done
qname=$oldqname
}
try
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the NANOG
mailing list