Re: Security over IPv6 networks
On Wed, 12 Mar 2003, Joey Hess wrote:
> Anthony DeRobertis wrote:
> > Further, IPv6 gives you some security that IPv4 didn't (besides
> > mandatory IPSec): A sparse address space. With IPv4, many worms have
> > taken to attacking random addresses. It's very effective, because it
> > only takes several probes to find a machine. It's how the SQL worm
> > works, it's how Nimbda and Code Red (in part) work, etc. On IPv6, that
> > isn't possible: It's quite reasonable to expect a hit rate of less than
> > 1/(2^64) w/ IPv6 --- so scanning random IPs is no longer feasible.
>
> I imagine a smart scanner could make some good guesses based on
> knowledge of what parts of the MAC address space have been assigned and
> are in common use, and maybe other patterns of how parts of the ipv6
> addresses are used. Still, good point.
>
>
Well I don't completely agree. For what I have seen around soon or later
even your washing machine will have an IPv6 address. It is true that the
amount of ip to probe are higher but also the amount of hosts will
increase. Mobile phones of the 3G series will have ipv6 soon and right
yesterday i was reading an announce that Sony plans to have full ipv6
support on all its product in 1 or 2 years from now and I expect all the
others to follow.
Fabio
--
drac (1.11-7) unstable; urgency=low
* added IPv6 patch from the great IPv6 Team
-- Noel Koethe <noel@debian.org> Sun, 9 Feb 2003 19:33:00 +0100
Reply to: