[ipv6hackers] Zmap

bmanning at vacation.karoshi.com bmanning at vacation.karoshi.com
Sun Sep 1 03:09:52 CEST 2013

people have been scanning the entire v4 address space for nearly two decades.  (I think I was
the first to do an exaustive scan)  Zmap is fraught with the primary problem of scanning, in
that it is -very- noticable and will be blocked by even semi-comatose network admins.

For those of us in the research space, scanning v6 presents some novel challanges.  v4 techniques
are not readily convertable to the v6 universe.  that said, there are a couple of projects which
show promise for low cost, minimal impact scanning of IPv6.   We should see early results 


On Sat, Aug 31, 2013 at 11:57:11PM +0000, Jim Small wrote:
> zmap is an interesting tool which allows scanning all public IPv4 addresses (IPv4 Internet) in about 45 minutes:
> https://zmap.io/
> To quote from Tech Week Europe<http://www.techweekeurope.co.uk/news/zmap-internet-scan-zero-day-125374>:
> The tool is only possible because the Internet is currently all squeezed into the (comparatively) small IP version 4 (IPv4) address space, leaving empty the much larger IP version 6 (IPv6) address space, where a brute force scan would be impossible using current hardware.  "We are living in a unique period", the researchers said in their talk. "IPv4 can be quickly, exhaustively scanned - IPv6 has not yet been widely deployed."
> I found this interesting because from a security vantage point you could argue that IPv6 is superior in the sense that you can't brute force scan it (Entire IPv6 Internet) whereas with IPv4 you can.  Do you think this constitutes an IPv6 advantage?
> --Jim
> _______________________________________________
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
> http://lists.si6networks.com/listinfo/ipv6hackers

More information about the Ipv6hackers mailing list