[ipv6hackers] Help wanted: Nmap IPv6 OS Detection

Joe Klein jsklein at gmail.com
Tue Sep 27 21:34:35 CEST 2011


Brute force scanning of an IPv6 range is impractical, as it has always
been.  Five or six years ago I had seen discussions about feeding
lists of IPv6 addresses into nmap to perform a scan.  Even today, I
got a call from customers telling me about ‘someone is trying to scan
our IPv6 segments’, but after reviewing the logs, they are performing
linear scans.  [Attacker 0 | Defender 1]

On a humorous note, we estimated the customer would be retired for six
years, before the attacker’s strategy would find the first device.

Today, enumerating an IPv6 segment, network or infrastructure requires
more finesse then did IPv4. Soon that will change.

Joe Klein

More information about the Ipv6hackers mailing list