[ipv6hackers] Justification for network recon of IPv6 space

Fernando Gont fgont at si6networks.com
Sat Sep 26 11:05:15 CEST 2015

Hi, Joe,

On 09/25/2015 10:32 AM, Joe Klein wrote:
> I was just reading Network Reconnaissance in IPv6 Networks,
> draft-ietf-opsec-ipv6-host-scanning-08,
> and must say it is a good read (Nice job Fernando). But it left me with one
> question, and that is, Why is Network Reconnaissance still valid in an IPv6
> world?

FWIW, what we (Tim and Me) tried to do in this document was to analize
who things change wrt IPv4, and what are the possible ways to do network
reconnaissance in v6.

I'd say that, for the most part, we were addressing the attacker's case
(i.e., how an attacker or pentester would do network reconnaissance).

> So my question to the group, who would have value for this information and
> for what purpose? Can someone clue me in? Comments?

Pentesters, attackers and people that care about attacks, and folks that
e.g. lack logs for one reason or another.


Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

More information about the Ipv6hackers mailing list