IPv6 Advertisements

Donald Stahl don at calis.blacksun.org
Wed May 30 14:31:54 UTC 2007

> I would call that not understanding today's security world. "Scanning"
> is not the primary mode of looking for vulnerabilities today. There are
> several more effective "come here and get infected" and "click on this
> attachment and get infected" techniques.
I'm well aware of the modern security problems. All I said was:
"There is something to be said for not being able to blindly spew worm
traffic and still expect to get a sensible hit ratio as with IPv4."
and I stand behind that statement.

> What scanning that does go on today usually not the "lets scan the
> Internet." No money in it. You target your scans to the address ranges
> of the sites you are trying to mine (i.e. build BOTNETs) or go after.
I'm not sure I understand what you are saying- if you number based on 
hardware addresses then I have no idea what you mean by "address 
ranges." The hosts you are trying to compromise could be anywhere in the 
subnet- that's the 3500 years I was referring to above. That's 3500 
years to scan a single /64 subnet- not the entire Internet- not even a 
tiny little fraction of it.

The problem will be people putting all their ducks in a row, so to speak.


More information about the NANOG mailing list