16 Dec
2012
16 Dec
'12
1:30 p.m.
On 15/12/12 22:42, Jeremy Kitchen wrote:
On Sat, Dec 15, 2012 at 08:44:28PM +0000, Chris Dennis
wrote:
Here's one interesting document on the subject:
http://www.ietf.org/rfc/rfc5157.txt
One thing that struck me from a quick reading of that was the use of
logfiles for collecting IPv6 addresses. If I set up a website with
something tempting on it, I could then extract the IP addresses of
visitors, and sell them to would-be attackers, in the same way that
people sell lists of email addresses to spammers.
So yes, attacking IPv6 addresses is harder than with IPv4, but it's
certainly not impossible.
cheers
Chris
--
Chris Dennis cgdennis(a)btinternet.com
Fordingbridge, Hampshire, UK
On 15/12/12 18:46, Jeremy Kitchen wrote:
Right, which means they have to start fuzzing your dns info (or just
grab a zone transfer if your server is set up improperly)
It makes it a more targeted attack than just scanning all of the IPs on
the internet for vulnerable points.
I really wish I could remember where I heard/read about this. It
discusses the dns discovery and everything.
-Jeremy That's 2**64 ips. Or the equivalent of the
current internet. Squared.
18446744073709551615 IP addresses. Assuming you could test for a port
being responsive with just a single packet, and assuming each packet is
a single byte (which it's not, by a long shot), that's 16 EXAbytes of
outbound traffic.
I'm not sure that's true. Scanners won't just try to guess a
server's address when it's publicly available. For example:
$ dig -t aaaa ipv6.he.net
<snip>
;; ANSWER SECTION:
ipv6.he.net. 86246 IN AAAA 2001:470:0:64::2
which reveals the exact address to target.