[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NIST IPv6 document

Subject: NIST IPv6 document
From: jbates at brightok.net (Jack Bates)
Date: Thu, 06 Jan 2011 11:17:30 -0600
In-reply-to: <[email protected]>
References: <[email protected]>

On 1/6/2011 10:44 AM, Joe Greco wrote:
> On the flip side, however, I would point out that attackers have had vastly
> more resources made available to them in part *because* IPv4 has been so
> easily scanned and abused.  To be sure, a lot of viruses have spread via
> e-mail spam and drive-by downloads, and sparse addressing will not prevent
> script kiddies from banging away on ssh brute force attacks against
> www.yoursite.com.  But there's been a lot of spread through stupidity as
> well.
>

A randomly setup ssh server without DNS will find itself brute force 
attacked. Darknets are setup specifically for detection of scans. One 
side effect of v6, is determining how best to deploy darknets, as we 
can't just take one or two blocks to do it anymore. We'll need to 
interweave the darknets with the production blocks. I wish it was 
possible via DHCPv6-PD to assign a block minus a sub-block (hey, don't 
use this /64 in the /48 I gave you). It could be that darknets will have 
to go and flow analysis is all we'll be left with.

Jack

References:
- NIST IPv6 document
  - From: jgreco at ns.sol.net (Joe Greco)

Prev by Date: NIST IPv6 document
Next by Date: Problems with removing NAT from a network
Previous by thread: NIST IPv6 document
Next by thread: NIST IPv6 document
Index(es):
- Date
- Thread