NIST IPv6 document
Jack Bates
jbates at brightok.net
Thu Jan 6 09:17:30 PST 2011
On 1/6/2011 10:44 AM, Joe Greco wrote:
> On the flip side, however, I would point out that attackers have had vastly
> more resources made available to them in part *because* IPv4 has been so
> easily scanned and abused. To be sure, a lot of viruses have spread via
> e-mail spam and drive-by downloads, and sparse addressing will not prevent
> script kiddies from banging away on ssh brute force attacks against
> www.yoursite.com. But there's been a lot of spread through stupidity as
> well.
>
A randomly setup ssh server without DNS will find itself brute force
attacked. Darknets are setup specifically for detection of scans. One side
effect of v6, is determining how best to deploy darknets, as we can't just
take one or two blocks to do it anymore. We'll need to interweave the
darknets with the production blocks. I wish it was possible via DHCPv6-PD
to assign a block minus a sub-block (hey, don't use this /64 in the /48 I
gave you). It could be that darknets will have to go and flow analysis is
all we'll be left with.
Jack
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list