Anthony DeRobertis wrote: > Further, IPv6 gives you some security that IPv4 didn't (besides > mandatory IPSec): A sparse address space. With IPv4, many worms have > taken to attacking random addresses. It's very effective, because it > only takes several probes to find a machine. It's how the SQL worm > works, it's how Nimbda and Code Red (in part) work, etc. On IPv6, that > isn't possible: It's quite reasonable to expect a hit rate of less than > 1/(2^64) w/ IPv6 --- so scanning random IPs is no longer feasible. I imagine a smart scanner could make some good guesses based on knowledge of what parts of the MAC address space have been assigned and are in common use, and maybe other patterns of how parts of the ipv6 addresses are used. Still, good point. -- see shy jo
Attachment:
pgpgHqNPNf3ae.pgp
Description: PGP signature