Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Katrina Network Damage Report

  • From: Valdis.Kletnieks
  • Date: Mon Sep 12 13:50:44 2005

On Mon, 12 Sep 2005 12:26:03 EDT, "Howard, W. Lee" said:

> Maybe I missed an intermediate post or two, but is the assertion
> here that IPv6 is more secure because it's impractical to scan such
> a large number of possible host IP addresses?  Sort of like zebra
> camouflage--it's easy to see the herd, but hard to see a single
> zebra.
> 
> There may be other ways to find a host address than random botting.
> Phishing, perhaps.

The good news here is that although there's "neighbor discovery protocols" that
let you find the other zebras on the subnet, they only work if you're already
riding a zebra in the herd.  If you're riding a giraffe or hippo, or a zebra
from another herd, you still can't see the zebras.

Now if we could just do some genetic engineering to cull this mutation
that causes zebras to spontaneously sprout big neon "Ride Me" signs.....

(In other words, yes - we *will* see a shift in tactics from "random scanning"
to "find a vulnerable host on the subnet, and use it to enumerate the other
hosts".  I predict that web bugs and spam variants will be the method of choice
for finding that first host.....)

Attachment: pgp00017.pgp
Description: PGP signature




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.