[ipv6hackers] IPv6 Security research

The Fungi fungi at yuggoth.org
Wed Mar 28 18:59:44 CEST 2012


On 2012-03-28 09:58:46 +0200 (+0200), Dominik Elsbroek wrote:
> You might not want to scan the ff02::1ffXX:YY:ZZ addresses but to scan
> fe80::XXXX:XXff:feXX:XXXX which has the same count of bits to iterate
> over.
[...]

Not really--that's twice as many bits (or 2^24 times as many
addresses to scan).

If you're specifically looking for EUI-64-based addresses, you can
reduce the search space to IEEE-assigned OUIs and IABs in the first
24 bits though... Last I looked there were about 20k so effectively
only 38 bits worth to search instead of 48. You could probably
further narrow it by a few bits if you weeded out unlikely
manufacturers.
-- 
{ IRL(Jeremy_Stanley); WWW(http://fungi.yuggoth.org/); PGP(43495829);
WHOIS(STANL3-ARIN); SMTP(fungi at yuggoth.org); FINGER(fungi at yuggoth.org);
MUD(kinrui at katarsis.mudpy.org:6669); IRC(fungi at irc.yuggoth.org#ccl); }



More information about the Ipv6hackers mailing list