North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Interesting paper by Steve Bellovin - Worm propagation in a v6 internet
- From: Valdis.Kletnieks
- Date: Tue Feb 14 10:51:46 2006
On Tue, 14 Feb 2006 18:42:33 +0530, Suresh Ramasubramanian said:
> After all when there's an unlimited number of hosts connected to the
> v6 network, all that needs to happen is a small botnet to develop, and
> then start to port scan.
>
> The potentially larger number of hosts that can get infected will
> probably help do an exhaustive search for you, so that v6 botnets
> start small and then grow exponentially in size over time.
OK.. let's say we have a /48 allocated to an end site, and their router
falls over at 1Mpps. The exhaustive search will completely clog their pipe
for (2 ** (128 - 48))/1000000 seconds, or approximately 38,334,786,263 *years*.
(That 2**80 is *huge*, a lot bigger than people think...)
Even the most dim-witted site will notice after a day or two of this.
And that's why a worm would have to use techniques like Steve and fiends wrote about.
Attachment:
pgp00006.pgp
Description: PGP signature
|
