nanog mailing list archives
Re: Katrina Network Damage Report
From: Valdis.Kletnieks () vt edu
Date: Mon, 12 Sep 2005 13:49:08 -0400
On Mon, 12 Sep 2005 12:26:03 EDT, "Howard, W. Lee" said:
Maybe I missed an intermediate post or two, but is the assertion here that IPv6 is more secure because it's impractical to scan such a large number of possible host IP addresses? Sort of like zebra camouflage--it's easy to see the herd, but hard to see a single zebra. There may be other ways to find a host address than random botting. Phishing, perhaps.
The good news here is that although there's "neighbor discovery protocols" that let you find the other zebras on the subnet, they only work if you're already riding a zebra in the herd. If you're riding a giraffe or hippo, or a zebra from another herd, you still can't see the zebras. Now if we could just do some genetic engineering to cull this mutation that causes zebras to spontaneously sprout big neon "Ride Me" signs..... (In other words, yes - we *will* see a shift in tactics from "random scanning" to "find a vulnerable host on the subnet, and use it to enumerate the other hosts". I predict that web bugs and spam variants will be the method of choice for finding that first host.....)
Attachment:
_bin
Description:
Current thread:
- Re: Katrina Network Damage Report, (continued)
- Re: Katrina Network Damage Report Suresh Ramasubramanian (Sep 11)
- Re: Katrina Network Damage Report Valdis . Kletnieks (Sep 11)
- Re: Katrina Network Damage Report Valdis . Kletnieks (Sep 11)
- Re: Katrina Network Damage Report JORDI PALET MARTINEZ (Sep 11)
- Re: Katrina Network Damage Report Suresh Ramasubramanian (Sep 11)
- Re: Katrina Network Damage Report Patrick W. Gilmore (Sep 11)
- Re: Katrina Network Damage Report Suresh Ramasubramanian (Sep 11)