Re: [bitfolk] fail2ban and IPv6

Author: Jeremy Kitchen
Date: 2012-12-15 22:42 -000
To: users
Subject: Re: [bitfolk] fail2ban and IPv6

gpg: Signature made Sat Dec 15 22:42:03 2012 UTC
gpg: using RSA key BEB441496300CC3D
gpg: Can't check signature: No public key
On Sat, Dec 15, 2012 at 08:44:28PM +0000, Chris Dennis wrote:
> On 15/12/12 18:46, Jeremy Kitchen wrote:
> >That's 2**64 ips. Or the equivalent of the current internet. Squared.
> >18446744073709551615 IP addresses. Assuming you could test for a port
> >being responsive with just a single packet, and assuming each packet is
> >a single byte (which it's not, by a long shot), that's 16 EXAbytes of
> >outbound traffic.
>
> I'm not sure that's true. Scanners won't just try to guess a
> server's address when it's publicly available. For example:
>
>   $ dig -t aaaa ipv6.he.net
>   <snip>
>   ;; ANSWER SECTION:
>   ipv6.he.net.        86246    IN    AAAA    2001:470:0:64::2
>
> which reveals the exact address to target.

Right, which means they have to start fuzzing your DNS info (or just
grab a zone transfer if your server is set up improperly).

It makes it a more targeted attack than just scanning all of the IPs on
the internet for vulnerable points.

I really wish I could remember where I heard/read about this. It
discusses the dns discovery and everything.

-Jeremy
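Below is an added example that is not part of the original thread or of any
BitFolk tooling. It shows what the `dig -t aaaa ipv6.he.net` lookup quoted above
does on the wire: building a DNS question for an AAAA record (or an AXFR, the
zone-transfer request the reply mentions) and pulling the IPv6 address out of
the answer section, including RFC 1035 name compression. No packets are sent;
the response bytes are constructed by hand to mirror the dig output in the
thread (owner ipv6.he.net., TTL 86246, address 2001:470:0:64::2), and the
transaction ID 0x1234 is an arbitrary choice.

```python
"""Build DNS AAAA/AXFR questions and parse AAAA answers (RFC 1035, RFC 3596).

Added example; not code from the mailing-list thread. The sample response is
constructed inline, not captured from ipv6.he.net.
"""
from __future__ import annotations

import ipaddress
import struct

QTYPE_AAAA = 28    # RFC 3596
QTYPE_AXFR = 252   # zone transfer; sent over TCP with a 2-byte length prefix
QCLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode a dotted name as DNS labels: 'he.net' -> b'\\x02he\\x03net\\x00'."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, qtype: int = QTYPE_AAAA, txid: int = 0x1234) -> bytes:
    """Wire bytes of a standard query: header, one question, no other sections.

    Flags 0x0100: QR=0 (query), opcode 0, RD=1 (recursion desired).
    For qtype=QTYPE_AXFR this is the question a misconfigured server answers
    with its whole zone, handing out every AAAA record at once.
    """
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)


def decode_name(data: bytes, off: int) -> tuple[str, int]:
    """Decode a possibly compressed name at `off`; return (name, offset after it).

    A compression pointer (top two bits set) is followed, but the returned
    offset is the one just past the first pointer, as the caller keeps reading
    the RR fields that follow the compressed name.
    """
    labels: list[str] = []
    end = None
    hops = 0
    while True:
        length = data[off]
        if length & 0xC0 == 0xC0:
            ptr = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            if end is None:
                end = off + 2
            hops += 1
            if hops > 64:  # defend against a pointer loop in a hostile reply
                raise ValueError("compression pointer loop")
            off = ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(data[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", (end if end is not None else off)


def parse_aaaa_response(data: bytes) -> list[tuple[str, int, str]]:
    """Return [(owner, ttl, ipv6_text)] for every IN AAAA RR in the answer section."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    rcode = flags & 0x000F
    if rcode != 0:
        raise ValueError(f"server returned RCODE {rcode}")
    off = 12
    for _ in range(qd):           # skip the echoed question(s)
        _, off = decode_name(data, off)
        off += 4                  # qtype + qclass
    answers = []
    for _ in range(an):
        owner, off = decode_name(data, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        rdata = data[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE_AAAA and rclass == QCLASS_IN and rdlen == 16:
            answers.append((owner, ttl, str(ipaddress.IPv6Address(rdata))))
    return answers


def constructed_response(name: str = "ipv6.he.net", addr: str = "2001:470:0:64::2",
                         ttl: int = 86246, txid: int = 0x1234) -> bytes:
    """Hand-built reply mirroring the dig output in the thread (constructed, not captured).

    Flags 0x8180: QR=1, RD=1, RA=1, RCODE=0. The answer's owner name is a
    compression pointer (0xC00C) back to the question name at offset 12.
    """
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", QTYPE_AAAA, QCLASS_IN)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_AAAA, QCLASS_IN, ttl, 16)
    return header + question + rr + ipaddress.IPv6Address(addr).packed


if __name__ == "__main__":
    print(build_query("ipv6.he.net").hex())
    for owner, ttl, ip in parse_aaaa_response(constructed_response()):
        print(f"{owner:<20} {ttl:>6} IN AAAA {ip}")
```

To run it for real, send `build_query(name)` over UDP to port 53 of a resolver
and feed the datagram you get back to `parse_aaaa_response`; a wordlist of
hostnames looped through that pair is the "fuzzing your DNS info" step, and
`build_query(zone, QTYPE_AXFR)` over TCP (prefixed with its 2-byte length) is
the zone-transfer check. Expect many real replies to carry CNAME records or
additional sections, which this parser deliberately ignores.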