Interesting paper by Steve Bellovin - Worm propagation in a v6 internet

Mark Andrews Mark_Andrews at isc.org
Wed Feb 15 03:09:25 UTC 2006



> On Wed, 15 Feb 2006, Mark Andrews wrote:
> 
> >     One method missing is doing top-down random walks of ip6.arpa.
> 
> That's only easy if delegation were on a per-nybble basis, which is commonly
> not the case.  Because there are not typically NS's at every nybble level,
> you have to do more than one hex digit's worth of randomness in the scan in
> order to find a next-level delegation, increasing the cost of scanning that
> namespace quite a bit.
> 
> (Having delegations at every nybble level would be ... alarming at best,
> given the amount of PTR redirection that implies.  :)
> 
> -- 
> -- Todd Vierling <tv at duh.org> <tv at pobox.com> <todd at vierling.name>

	A simple demonstration program.  Don't run it for too long
	as we don't really want to beat on WIDE's servers.

	Mark

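#!/bin/sh
# Walk the ip6.arpa tree one nybble at a time, starting below $qname.
qname=1.0.0.2.ip6.arpa
depth=4
# Private temporary file for dig output (not a predictable /tmp name),
# removed when the script exits.
tmp=`mktemp` || exit 1
trap 'rm -f "$tmp"' EXIT
try() {
	local newqname
	local oldqname
	local l
	oldqname=$qname
	for l in 0 1 2 3 4 5 6 7 8 9 a b c d e f
	do
		newqname=$l.$oldqname
		echo trying $newqname
		dig +noques ptr $newqname > "$tmp"
		grep PTR "$tmp"
		# NOERROR (rather than NXDOMAIN) means names exist at or below
		# this label, so descend one more nybble.
		if grep NOERROR "$tmp" > /dev/null
		then
			qname=$newqname
			if test $depth -lt 31
			then
				depth=`expr $depth + 1`
				try
				depth=`expr $depth - 1`
			fi
		fi
	done
	qname=$oldqname
}

try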
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
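
An added example, not part of the original post: a detection sketch for an authoritative server operator that flags clients whose PTR queries sweep most of the 16 sibling nybbles under the same partial ip6.arpa name, which is the query pattern the script above produces. The "client qname rcode" log format, the sample addresses and the threshold of 12 are assumptions made for this illustration.

```python
"""Flag clients whose PTR queries sweep sibling nibbles under ip6.arpa."""
from collections import defaultdict

HEX = set("0123456789abcdef")

def parse(line):
    """Return (client, parent, nibble) for a partial ip6.arpa qname, else None."""
    fields = line.split()
    if len(fields) != 3:
        return None
    client, qname, _rcode = fields
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) < 3 or labels[-2:] != ["ip6", "arpa"]:
        return None
    nibbles = labels[:-2]
    # Full 32-nibble names are ordinary reverse lookups, not tree walking.
    if len(nibbles) >= 32 or any(n not in HEX for n in nibbles):
        return None
    return client, ".".join(labels[1:]), nibbles[0]

def find_walkers(lines, threshold=12):
    """Map client -> parents under which it tried >= threshold of 16 nibbles."""
    seen = defaultdict(set)
    for line in lines:
        rec = parse(line)
        if rec:
            client, parent, nibble = rec
            seen[(client, parent)].add(nibble)
    hits = defaultdict(list)
    for (client, parent), nibbles in seen.items():
        if len(nibbles) >= threshold:
            hits[client].append(parent)
    return {c: sorted(p) for c, p in hits.items()}

def sample_log():
    """Constructed lines in an assumed 'client qname rcode' format."""
    lines = []
    for parent in ("1.0.0.2.ip6.arpa", "0.1.0.0.2.ip6.arpa"):
        for n in "0123456789abcdef":
            rcode = "NOERROR" if n == "0" else "NXDOMAIN"
            lines.append(f"192.0.2.66 {n}.{parent} {rcode}")
    # Full 32-nibble lookups from another client: 16 siblings, still ignored.
    host = ".".join("0" * 23 + "8bd01002") + ".ip6.arpa"
    lines += [f"192.0.2.20 {n}.{host} NOERROR" for n in "0123456789abcdef"]
    return lines

if __name__ == "__main__":
    for client, parents in find_walkers(sample_log()).items():
        print(client, "swept", ", ".join(parents))
```

Resolvers that use QNAME minimisation also send partial ip6.arpa names, but one per level rather than a sweep of siblings, so they stay under the threshold.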


