[AusNOG] IPv4 Exhaustion, APNIC EC, and James is a nice bloke ; -)

Mark Newton newton at internode.com.au
Wed Jul 23 19:08:33 EST 2008

On 23/07/2008, at 8:36 AM, Matthew Moyle-Croft wrote:

>>> Try doing a port scan over available addresses in a 128 bit
>>> address space. Takes eons. You've just multiplied security by
>>> obscurity by 2^56, given the default subnet size differences
>>> (2^8 vs 2^64).
> So, port scans aren't going to be useful anymore.   <shrug>

Yeah they will.

The dirty little secret that Narelle hasn't pointed out is that IPv6
autonegotiation on Ethernet networks ends up being based on the host's
MAC address, which is only 48 bits wide.  So it isn't really a 2^64
address space that needs to be scanned, it's only 2^48.

... and even that isn't true, because MAC addresses are "structured":
they're a 24 bit vendor code and a 24 bit host address.  So if you
know the vendor who produces the device you're targeting, you only
need to scan through 24 bits.  Which is only about 16 million addresses,
per vendor, and eminently achievable on today's networks.


   - mark

Mark Newton                               Email:  newton at internode.com.au 
Network Engineer                          Email:   
newton at atdot.dotat.org  (H)
Internode Systems Pty Ltd                 Desk:   +61-8-82282999
"Network Man" - Anagram of "Mark Newton"  Mobile: +61-416-202-223

More information about the AusNOG mailing list