nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Interesting paper by Steve Bellovin - Worm propagation in a v6 internet

From: Mark Andrews <Mark_Andrews () isc org>
Date: Wed, 15 Feb 2006 14:09:25 +1100



On Wed, 15 Feb 2006, Mark Andrews wrote:


    One of method missing is doing top down random walks of ip6.arpa.


That's only easy if delegation were on a per-nybble basis, which is commonly
not the case.  Because there are not typically NS's at every nybble level,
you have to do more than one hex digit's worth of randomness in the scan in
order to find a next-level delegation, increasing the cost of scanning that
namespace quite a bit.

(Having delegations at every nybble level would be ... alarming at best,
given the amount of PTR redirection that implies.  :)

-- 
-- Todd Vierling <tv () duh org> <tv () pobox com> <todd () vierling name>


        A simple demonstation program.   Don't run it for too long
        as we don't really want to beat on WIDE's servers.

        Mark

#!/bin/sh
qname=1.0.0.2.ip6.arpa
depth=4
try() {
        local newqname
        local oldqname
        local l
        oldqname=$qname
        for l in 0 1 2 3 4 5 6 7 8 9 a b c d e f
        do
                newqname=$l.$oldqname
                echo trying $newqname
                dig +noques ptr $newqname > /tmp/$$xxx
                grep PTR /tmp/$$xxx
                if grep NOERROR /tmp/$$xxx > /dev/null
                then
                        qname=$newqname
                        if test $depth -lt 31
                        then
                                depth=`expr $depth + 1`
                                try
                                depth=`expr $depth - 1`
                        fi
                fi
        done
        qname=$oldqname
}

try
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews () isc org
Previous By Date Next
Previous By Thread Next

Current thread: