[ipv6hackers] scan6: Some notes on IPv6 address scanning
fgont at si6networks.com
Tue Feb 12 03:45:02 CET 2013
-----BEGIN PGP SIGNED MESSAGE-----
As noted in my previous announcement of the beta release of the SI6
IPv6 toolkit v1.3, this upcoming release includes an expanded version
of scan6, which tries to leverage patterns in IPv6 addresses.
Among the input I'd appreciate from the community is:
* Are there any patterns that have been left out of the tools? (other
than "wordy" addresses)
* What about the OUIs employed by virtualization technologies other
than vmware and VirtualBox? Can anyone provide data about them?
* If you happen to use the scan6 tool in the public Internet, and are
able to report your findings (e.g., which options you found most
effective, etc.), that would be useful.
* If you used the --tgt-vendor, or --tgt-ieee-oui... do the *MAC*
addresses follow any patterns? -- e.g., are they consecutive?
I plan to start working on a new release as soon as I post v1.3... so
any feedback will help improve the toolkit (whether on-list, or
off-list if you prefer not to go public with it).
That aside: I'll include a note in the relevant manpage, but... You
*really* need to read draft-ietf-opsec-ipv6-host-scanning (referenced
in the scan6 manual page) to know what you're doing (and to avoid
DoS'ing the target networks as a "side effect"), *and* you *really*
should be using the "-r" option as appropriate (or else the scan will
not be "reliable").
P.S.: If you haven't downloaded the toolkit (yet), here's where you
can find it: <http://www.si6networks.com/tools/ipv6toolkit>
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Ipv6hackers